WEB SERVER–RELATED VULNERABILITIES (XSS, XSRF, AND RESPONSE SPLITTING)

Sign in

Forgot password?

Request a Free Trial for Your Organization

Required field

Name

Email

Confirm Email

Promotion Code

Phone Number

Organization

Country

State

McGraw-Hill Professional values your privacy. By registering for the AccessEngineering Free Trial you agree to allow McGraw-Hill Professional to contact you through mail and email regarding special offers and new products. Please read our Privacy Notice to see how the information you have provided will be used. You can also write to: Privacy Officer, McGraw-Hill Professional, 1221 Avenue of the Americas, 46th Floor, New York, NY 10020. No purchase is necessary to take advantage of this offer. McGraw-Hill Professional reserves the right to discontinue the AccessEngineering Free Trial at any time with no advance notification.

Source

24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

Page Contents

OVERVIEW OF THE SIN
CWE REFERENCES
AFFECTED LANGUAGES
THE SIN EXPLAINED
SPOTTING THE SIN PATTERN
SPOTTING THE XSS SIN DURING CODE REVIEW
TESTING TECHNIQUES TO FIND THE SIN
EXAMPLE SINS
REDEMPTION STEPS (XSS AND RESPONSE SPLITTING)
REDEMPTION STEPS (XSRF)
EXTRA DEFENSIVE MEASURES
OTHER RESOURCES
SUMMARY

Sign in

Request a Free Trial for Your Organization

Source

Page Contents

WEB SERVER–RELATED VULNERABILITIES (XSS, XSRF, AND RESPONSE SPLITTING)

Please sign in to view the rest of this entry.

Citation