Dave Elkins

Entries Tagged as 'security'

Attacks on Web Applications

April 16th, 2007 · No Comments

Over the next couple of weeks I am going to start writing about web application security and types of attacks that we as developers must know about and defend our applications against.
The three main types of attacks are:

Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF)
SQL Injection

These are significant issues and there is a large number [...]

Tags: security

Steve Gibson continues his series on Scripting Security in Security Now Episode 86

April 6th, 2007 · No Comments

Steve Gibson continues his excellent series on scripting security. He talks about cross-site scripting in this episode. He goes into detail about how an attack works, gives some examples and provides several great links. This is a must-listen for anyone developing web sites or web applications.
Have a listen [link]

Tags: podcast · security

Security Now 85: Cross Site Scripting and Jikto

April 5th, 2007 · No Comments

In this episode, Leo Laporte and Steve Gibson talk about Cross Site Scripting: what it is, some of the dangers, and examples of attacks. They also discuss automated tools that help expose vulnerabilities in your web app or site. They also discuss in depth something called Jikto that can potentially take over your computer through [...]

Tags: podcast · security

Rails Plugins that help prevent CSRF attacks

April 5th, 2007 · No Comments

There are two plugins that can help prevent CSRF attacks. I have not had a chance to take these for a test drive, but I will soon and I will blog about how they work. CSRF stands for Cross-Site Request Forgery (link) and is an upcoming type of attack used against web sites.
Security [...]

Tags: Rails Plugins · security

Description of different types of web attacks

April 4th, 2007 · No Comments

Nadav Samet provides a good description of the three major attacks that can be prevented through the code of your web site.

Here is the link.

Tags: security

Explanation of CSRF Attack against GMail and how to protect your site

April 4th, 2007 · No Comments

Joe Walker of DWR has an explanation of the CSRF Attack against GMail and some ways to protect your site from this type of attack. Here is the link.

Tags: code · security