462 Index
in Web application security process, 452
code signing, 255
code vulnerabilities
QA team review of, 438–439
response to, 197
testing, 439–441
See also vulnerabilities
CodeBaseSearchPath, 333
code-signing certificate, 338, 339
coding
creativity in, 41–46
planning, 442–443
security from code grinder’s perspective, 46–49
standards for, 442, 443–444
tools for, 444–448
ColdFusion
application processing, 376–382
bytecode use, 356
CFINCLUDE tag, 365–366, 368–369
code auditing, 206
ColdFusion Markup Language, 358–360
DoS attacks, 374–375
ease of use, 356–358
external objects/libraries, 220
external programs, calling, 219
features of, 354
functions that take filenames, 217
networking/communication streams, 224
process, 355–356
queries, 369–373
relative paths, 366–368
risks of ...