Writing Secure Code by Michael Howard and David LeBlanc

Chapter 13. Web-Specific Input Issues

It’s now time to turn our attention to what is potentially the most hostile of all environments: the Web. In this chapter, I’ll focus on making sure that applications that use the Web as a transport mechanism are safe from attack. I’m assuming you’ve read Chapter 10 and Chapter 11 before reading this, and if you use a database as part of your Web-based application, you should also read Chapter 12.

Virtually all Web applications perform some action based on user requests. Let’s be honest: a Web-based service that doesn’t take user input is probably worthless! Remember that you should determine what data is valid and reject all other input. I know I sound like a broken record, but data verification is probably ...
