Secure Development for Mobile Apps
PHP Security Design Best Practices Summary
Every web application needs to address the following issues in order to meet the
requirements for current web application protection.
Architect application character set
Architect HTTP request patterns
Architect HTTP cookie usage
Architect input validation
Architect output escaping
Architect session management
Protect secret files/protect included files
Protect user passwords
Protect user session data
Protect against CSRF attacks
Protect against SQL injection attacks
Protect against XSS attacks
Protect against file system attacks
Proper error handling
Architect Application Character Set
The foundation of a secure process is speaking the language. The character set needed
to suppor