July 2017
Beginner to intermediate
358 pages
10h 54m
English
When you are building an API, you need to check that the authenticated user is allowed to modify the object named in the request. This check must be performed server side; we do not want to give an attacker the capability to create a genuine login and then manipulate the request to perform an action on behalf of another user.
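The server-side ownership check described above, as an added example in Go that is not taken from the book. The `X-Demo-User` header, the `owners` map and the `/documents/` route are hypothetical stand-ins for real authentication and storage, and answering 404 for both missing and foreign objects is a design choice of this example.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Constructed sample data: document ID -> owning user ID.
var owners = map[string]string{"doc-1": "alice", "doc-2": "bob"}

type ctxKey struct{}

// authenticate is a stand-in (assumption) for real token validation; X-Demo-User is hypothetical.
func authenticate(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		user := r.Header.Get("X-Demo-User")
		if user == "" {
			http.Error(w, "unauthenticated", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), ctxKey{}, user)))
	})
}

// updateDocument authorizes against the stored owner, never a client-supplied owner field.
func updateDocument(w http.ResponseWriter, r *http.Request) {
	user, _ := r.Context().Value(ctxKey{}).(string)
	id := strings.TrimPrefix(r.URL.Path, "/documents/")
	owner, ok := owners[id]
	if !ok || owner != user {
		// Same answer for "missing" and "not yours" so IDs cannot be probed.
		http.Error(w, "not found", http.StatusNotFound)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

// statusFor sends a PUT for docID as user and returns the HTTP status code.
func statusFor(user, docID string) int {
	req := httptest.NewRequest(http.MethodPut, "/documents/"+docID, nil)
	req.Header.Set("X-Demo-User", user)
	rec := httptest.NewRecorder()
	authenticate(http.HandlerFunc(updateDocument)).ServeHTTP(rec, req)
	return rec.Code
}

func main() { fmt.Println(statusFor("alice", "doc-1"), statusFor("alice", "doc-2")) }
```

A valid login for `alice` gets 204 on her own document and 404 on `bob`'s, because the decision uses the identity established by the server rather than anything in the request body.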
The OWASP documents are regularly updated as new attacks and vulnerabilities are found; check the site at regular intervals and keep yourself up to date.