Spotting the Sin Pattern

Previous page
Table of content
Next page

Any application that has the following pattern is at risk of cross-site scripting:

  • The web application takes input from an HTTP entity such as a querystring, header, or form.

  • The application does not check the input for validity.

  • The application echoes the data back into a browser.


Previous page
Table of content
Next page
19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
Writing Secure Code
ISBN: 71626751
EAN: 2147483647
Year: 2003
Pages: 239
Authors: Michael Howard, David LeBlanc
BUY ON AMAZON
Agile Project Management: Creating Innovative Products (2nd Edition)
Adobe After Effects 7.0 Studio Techniques
FileMaker Pro 8: The Missing Manual
HTI+ Home Technology Integrator & CEDIA Installer I All-In-One Exam Guide
VBScript in a Nutshell, 2nd Edition
Python Standard Library (Nutshell Handbooks) with
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy