What makes Web Application different from Windows apps or other client apps is that it is accessible remotely and all users can access the same application anywhere. This also eliminates the need to have all users install software upgrades, the developer can update the version on the server. However, web applications are prone to security issues like
1: Injection
- Can be done by simply adding input to invalidate SQL query and add their own potentially dangerous query.
- Can be prevented by filtering the user inputs and have the methods accept specific types of data (parameter based query commands).
2: Cross-Site Scripting (XSS)
- Same with injection. If the inputs available to user are filtered,
3: Broken Authentication and Session Management
4: Insecure Direct Object References
5: Cross-Site Request Forgery (CSRF)
6: Security Misconfiguration
- configs
7: Insecure Cryptographic Storage
8: Failure to Restrict URL Access
- disable directory browsing
9: Insufficient Transport Layer Protection
- SSL
10: Unvalidated Redirects and Forwards
Source: OWASP (http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project)
Web Dev Matters and Me
Web Development Matters - HTML, XML, C#, .NET, AJAX/Javascript(jQuery), CSS, XML-XSLT
ME - LIFE,Philippines, Tokyo, ECE, PhilNITS/JITSE,情報処理, 日本語
things about Philippines, gaming, C# development and web development, how to make money in stock trading
About me
.
PRC Electronics and Communications Engineer
PhilNITS/JITSE IT Engineer
Web Developer
Investor
I'm from Philippines. よろしく!
PRC Electronics and Communications Engineer
PhilNITS/JITSE IT Engineer
Web Developer
Investor
Pageviews
Tech Stacks
C#
T-SQL
SSRS
ASP
HTML (W3C)
CSS
XSLT
Javascript/jQuery/AJAX
日本語・タガログ・英語
Silent Sneeze
T-SQL
SSRS
ASP
HTML (W3C)
CSS
XSLT
Javascript/jQuery/AJAX
日本語・タガログ・英語
Silent Sneeze
Tools
- iPhone4
- Sony PSP2000-Felicia Blue
- Sony PSP2000-Deep Red
- VGNP91HS
- VGNFE3
Current cutures
en-PH philippines
ja-JP japan
en-US US
Latest ERROR / BUG that bit me....
The remote server returned an error: (550) File unavailable (e.g., file not found, no access).
solved by
FTP accounts failing on upload
================
XSLT8690: XSLT processing failed
solved by
removing fault part in XSL templates.
================
Error 24 Cannot implicitly convert type 'byte[]' to 'System.Data.Linq.Binary'
SOLVED BY
<add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/></add>
SOLVED BY
<add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/></add>
CONTACT ME
About this blog
あげりたいが、あげられないし
止めリたいが、止められないし
慣れる言葉が忘れないように
明るく前向きで何とか使って
楽々と人生を歩んで
いつも忘れられない
また。。
Labels
- web (88)
- english-post (44)
- tokyo (38)
- philippines (19)
- stocks (12)
- c# (11)
- xslt (9)
- asp.net (6)
- xml (6)
- computer (5)
- silverlight (5)
- tagalog-post (5)
- SQL (4)
- foods (4)
- stock market (4)
- 日本語-post (4)
- Surprise-Box (3)
- japan (3)
- japan life (3)
- news and current events (3)
- travel (3)
- .net (2)
- hosting (2)
- japanese language (2)
- me (2)
- t-sql (2)
- windowforms (2)
- CLR (1)
- Chrome (1)
- Firefox (1)
- IE (1)
- PRC ECE board (1)
- WCF (1)
- XSLT8690 (1)
- credit card (1)
- css (1)
- cybercrimelaw (1)
- exam (1)
- fraud (1)
- iis (1)
- japanese people (1)
- javascript (1)
- jitse (1)
- lightswitch (1)
- living (1)
- mvp (1)
- philnits (1)
- pse (1)
- psp (1)
- ssrs (1)
- xaml (1)
- ウェブ開発 (1)
- 終わり (1)
Copyright 2009 -
Web Dev Matters and Me
Web Designer India: Ray Creations. Sponsored by Web Hosting India.
Web Designer India: Ray Creations. Sponsored by Web Hosting India.