Web App Security

Vishwas Parameshwarappa has an article on securing web applications:

The Cross-site request forgery (CSRF) exploit uses cross-site scripting (mentioned above), browser insecurities, and other techniques to cause a user to unwittingly perform an action within their current authenticated context that allows the attacker to access the user’s account. This type of attack usually occurs when a malicious email, blog, or a message causes a user’s Web browser to perform an unwanted action on a trusted site for which the user is currently authenticated.

This is a nice overview of the most common attack vectors for web applications.
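As an added illustration (not code from the linked article), here is a minimal sketch of the server-side check that defeats the forged request described in the excerpt: the browser attaches the session cookie automatically, but a cross-site page cannot supply a token bound to that session. The endpoint, the cookie name `session`, the form field `csrf_token` and all function names are assumptions made for this example.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed per-process secret; a real application loads this from protected configuration.
SERVER_KEY = secrets.token_bytes(32)
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def _mac(session_id: str, nonce: str) -> str:
    """HMAC that ties a nonce to exactly one session."""
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Token embedded in forms the trusted site itself renders for this session."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_is_valid(session_id: str, token: Optional[str]) -> bool:
    """Verify the token against the session identified by the cookie."""
    if not token or token.count(".") != 1:
        return False
    nonce, mac = token.split(".")
    # Compare as bytes in constant time; also tolerates non-ASCII attacker input.
    return hmac.compare_digest(mac.encode(), _mac(session_id, nonce).encode())


def handle_request(method: str, cookies: dict, form: dict) -> int:
    """Return the HTTP status for a request to a hypothetical account endpoint."""
    session_id = cookies.get("session")
    if session_id is None:
        return 401  # no authenticated context at all
    if method in STATE_CHANGING and not token_is_valid(session_id, form.get("csrf_token")):
        return 403  # cookie was sent, but the request did not originate from our own form
    return 200


if __name__ == "__main__":
    sid = "constructed-session-id"  # constructed sample value
    good = {"csrf_token": issue_csrf_token(sid), "email": "user@example.test"}
    print("own form:     ", handle_request("POST", {"session": sid}, good))
    print("forged request:", handle_request("POST", {"session": sid}, {"email": "x@example.test"}))
```

The forged request is rejected even though it carries a valid session cookie, which is exactly the "current authenticated context" the excerpt says the attack relies on.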
