
How to Break Web Software: Functional and Security Testing of Web Applications and Web Services by Mike Andrews, James A. Whittaker


CHAPTER 3. Attacking the Client


What’s In This Chapter?

This chapter outlines attacks against ill-advised, client-side coding tricks that work on normal graphical user interface (GUI) applications but create security disasters in Web applications. The problem: Client-side code is too easy to tamper with. The lesson: You need to do all the important stuff on the server.

Also see Chapter 5, “Attacking User-Supplied Input Data,” for attacks against user input, which also affect the client.

Introduction

Long before the Web existed, most software was self-contained on a single machine or executed in a closed (non-Internet-facing) client-server environment. ...
