Skip to Main Content
Security for Web Developers
book

Security for Web Developers

by John Paul Mueller
November 2015
Intermediate to advanced content levelIntermediate to advanced
384 pages
10h 39m
English
O'Reilly Media, Inc.
Content preview from Security for Web Developers

Chapter 7. Using APIs with Care

APIs provide a means of using full-blown applications on someone else’s server to meet your specific needs. Working with an API means sending a request to a black box and receiving a response of some sort back. The request can be as simple as a function call, but often requires that you supply data. The response can be in the form of data, but could also be some other service. For example, there are APIs for performing physical tasks such as opening doors. In fact, APIs can likely meet any generic need you might require. This chapter discusses the security implications of using APIs, including how APIs differ from libraries.

Part of discovering the security threats that APIs represent is viewing coded examples. This chapter uses a simple example as part of the explanation process. Although you could use the target API for a significant number of application tasks, the point is to create some to use for discussion purposes and then look at how the use of an API could create problems for any application. View the example in this chapter as a point of discussion, rather than an actual programming technique.

Note

Although this chapter does discuss specific APIs in both coded examples and as examples of where APIs can go wrong, the intent isn’t to single out any particular API. Every API you use could have serious flaws that enable a hacker to gain access to your system or cause other sorts of problems for your application. The specific examples help ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Developer's Guide to Web Application Security

Developer's Guide to Web Application Security

Michael Cross
Web Security Testing Cookbook

Web Security Testing Cookbook

Paco Hope, Ben Walther

Publisher Resources

ISBN: 9781491928684Errata Page