C H A P T E R 13
As we all know, security is important for any application. This is especially true for web applications, which are exposed to the Internet. Exposure to outside threats is obvious, and dealing with it will be a major part of your effort to develop secure solutions. However, the challenges that confront a developer are not only external threats.
Because security doesn’t add functionality, it is often underemphasized and sometimes even hard to justify in terms of time and resources. It often ends up being forgotten or implemented badly under the pressure of tight deadlines and the demands for fulfilling all functional requirements. Of course, it is a mistake to look at security in terms of “functionality.”