Text
Iron-clad Java
Subtitle: Best practices for secure Java web application development.
Includes bibliography and index.
CONTENTS:
1. Web Application Security Basics
  What Is Untrusted Data?
  HTTP Security Considerations
    HTTPS
    HTTP/S GET Request
    HTTP/S POST Request
    HTTP/S Response
    HTTP/S Response Headers
  Anti-Patterns and Weaknesses
    Blacklist Input Validation
    Lack of Parameterized SQL
    Use of Weak or Incorrect Ciphers
  Security Controls and Positive Patterns
    Verify Authentication and Authorization with Every Request
    Protect Transactions with the Synchronizer Token Pattern
  Input Validation
    Input Validation Anti-Patterns: Blacklist Validation Only
    Input Validation Positive Patterns: Whitelisting
    Input Validation: Apache Struts
    Basic Input Validation Considerations: Length of Input
    Validating Numerical Input
    Validating Open Text Input
    Input Validation Positive Patterns: URL Validation
  Where Do We Go from Here?
2. Authentication and Session Management
  Registration of New Users
    Preventing Automated Registration
  The Basic Flow of the Login Process and Session Management
    Login Workflow Step 1: Anonymous Session Created on First Hit
    Login Workflow Step 2: Starting HTTPS and Encryption in Transit
    Login Workflow Step 3: Processing and Verifying Credentials
    Login Workflow Step 4: Start the User