Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions

Prev | Current Page 10 | Next

Rich Cannings, Himanshu Dwivedi, Zane Lackey, and Alex Stamos

"Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions"

. . . . . . . . . . . . . . . . . 13
LDAP Injection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Buffer Over?¬‚ ows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Testing for Injection Exposures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Automated Testing with iSEC??™s SecurityQA Toolbar . . . . . . . . . . . . . 18
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
?–? 2 Cross-Site Scripting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Web Browser Security Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Same Origin/Domain Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Cookie Security Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Problems with Setting and Parsing Cookies . . . . . . . . . . . . . . . . 27
Using JavaScript to Reduce the Cookie Security
Model to the Same Origin Policy . . . . . . . . . . . . . . . . . . . . . . . 28
Flash Security Model .

Pages:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

After the Rain : how the West lost the East (page 331) A History of Indian Philosophy, Volume 1 (page 1108) The Adventures of Tom Sawyer, Part 3. (page 62)

Books for you

Rich Cannings, Himanshu Dwivedi, Zane Lackey, and Alex Stamos

"Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions"