Securing the Application
There is no intelligence where there is no change and no need of change.
— H. G. Wells, “The Time Machine”
The security of web applications has many facets. First and foremost, in a web scenario, security means ensuring the confidentiality of the data being exchanged. Second, it means preventing tampering with the data, so that the integrity of the information is preserved as it travels end to end. Another aspect of web security is preventing the injection of malicious code into the running application. Finally, security means building applications (and sections of an application) that only authenticated and authorized users can access.
In this chapter, we’ll see how to implement ...