Securing PHP Apps by Ben Edmunds

© Ben Edmunds 2016

Ben Edmunds, Securing PHP Apps, 10.1007/978-1-4842-2120-4_5

5. Safe Defaults, Cross-Site Scripting, and Other Popular Hacks

Ben Edmunds

(1) Brooklyn, New York, USA

No story this time. This chapter is a catch-all for a couple other attacks you need to protect against, so there isn’t an overarching narrative. Try to contain your disappointment.

Never Trust Yourself: Use Safe Defaults

One of the core concepts of a secure system is safe defaults. Whenever possible (and it’s usually possible), you should define variables, properties, and so forth early with a safe default.

A safe default usually means a NULL, empty, or FALSE state. When determining logic flow, the default should always be a failure. For example, in the authentication ...
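The fail-by-default rule described above, as an added example that is not code from the book: a login check that starts from success next to one that starts from failure. The function names, the user array, and the passwords are constructed for this illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample user store; hashes are generated at run time so the
// example is self-contained.
$users = [
    'alice' => ['hash' => password_hash('correct horse', PASSWORD_DEFAULT), 'active' => true],
    'bob'   => ['hash' => password_hash('hunter2', PASSWORD_DEFAULT), 'active' => false],
];

// Unsafe default: the result starts as success and is only revoked when a
// check happens to run and object.
function loginUnsafe(array $users, string $name, string $password): bool
{
    $ok = true;
    if (isset($users[$name])) {
        if (!password_verify($password, $users[$name]['hash'])) {
            $ok = false;
        }
    }
    // An unknown user never enters the branch above, so $ok is still true.
    return $ok;
}

// Safe default: the result starts as failure and a single code path grants
// success after every check has passed.
function loginSafe(array $users, string $name, string $password): bool
{
    $ok = false;
    try {
        $user = $users[$name] ?? null;
        if ($user !== null
            && $user['active'] === true
            && password_verify($password, $user['hash'])) {
            $ok = true; // the only place success is assigned
        }
    } catch (\Throwable $e) {
        $ok = false;    // any error leaves the failure state in place
    }
    return $ok;
}

// Constructed attempts: valid login, wrong password, disabled account, unknown user.
$attempts = [['alice', 'correct horse'], ['alice', 'wrong'], ['bob', 'hunter2'], ['mallory', 'x']];
foreach ($attempts as [$n, $p]) {
    printf("%-8s unsafe=%-5s safe=%s\n", $n,
        var_export(loginUnsafe($users, $n, $p), true),
        var_export(loginSafe($users, $n, $p), true));
}
```

Running it shows the two functions disagreeing on the unknown user and the disabled account, the cases the success-first version never checks.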
