Basic validation checks
For a good deal of business applications, we'll need to be the brains of the operation and help the tools understand how the application is expected to work. Proxy tools can help, and they can help us hone in on passed variables, showing us where the handoffs between client and server exist. Most application developers will only think to validate on one end or the other, and so, by catching them in one of these handoffs, we can often find some room to cause trouble. If it is an e-commerce site, we'll want to validate that the application doesn't let a proxy set its own price. If it is an HR site or healthcare portal, we'll want to ensure that deliberately invalid information cannot be submitted in the place of valid ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access