O'Reilly logo

Web Penetration Testing with Kali Linux - Third Edition by Juned Ahmed Ansari, Gilberto Najera-Gutierrez

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Bypassing client-side controls

With all of the capabilities of modern web applications on the client side, it's sometimes easier for developers to delegate checks and controls to client code executed by the browser, thus freeing the server of that extra processing. At first, this may seem like a good idea; that is, letting the client handle all of the data presentation, validation of user input, and formatting and use the server only to process business logic. However, when the client is a web browser, which is a multipurpose tool that is not used exclusively for one application, and which can use a proxy to tunnel all communications that can then be tampered with and controlled by the user, developers need to reinforce all security-related ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required