Security Principles for PHP Applications by Eric Mann
Author: Eric Mann
Language: eng
Format: epub
Tags: Core Programming, Security
Publisher: php[architect]
Published: 2017-12-02T05:00:00+00:00
Stored XSS
The second form of Cross-Site Scripting attack involves storing the attacker’s payload in your own datastore. This can happen merely because the application neglected to sanitize user input before writing it to disk. It’s rendered effective when the application also neglects to escape data coming from the database before printing it to the screen.
Note: Failing to sanitize input isn’t the only way a stored attack can occur. An attacker might be able to corrupt your data store by way of a side channel (another application on the server) or inject their malicious payload directly. It’s a good idea to always sanitize user data before persisting it to disk, but it’s even more important to ensure you properly escape the data when it’s pulled back out of storage for use in output.
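The following PHP sketch is an added example, not code from the book. It shows why escaping at output time still protects the page when a stored value never passed through input sanitization. The sample rows, the helper `e()` and the two render functions are hypothetical names constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample rows standing in for a comments table. The second and
// third rows never passed through the application's input sanitization (for
// example, they were written by another application sharing the datastore).
$rows = [
    ['author' => 'alice',   'body' => 'Great article, thanks!'],
    ['author' => 'mallory', 'body' => '<script>alert("stored XSS")</script>'],
    ['author' => 'bob" onmouseover="alert(1)', 'body' => 'Tom & Jerry > everything'],
];

// Hypothetical helper: escape a value for HTML element content or a quoted
// attribute value. ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE
// replaces invalid UTF-8 instead of returning an empty string.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Vulnerable: trusts whatever the datastore returns.
function render_unescaped(array $row): string
{
    return '<li title="' . $row['author'] . '">' . $row['body'] . '</li>';
}

// Hardened: every stored value is escaped at the point of output.
function render_escaped(array $row): string
{
    return '<li title="' . e($row['author']) . '">' . e($row['body']) . '</li>';
}

// Print both renderings side by side so the difference in markup is visible.
foreach ($rows as $row) {
    echo 'unescaped: ', render_unescaped($row), PHP_EOL;
    echo 'escaped:   ', render_escaped($row), PHP_EOL, PHP_EOL;
}
```

Run from the command line, the unescaped lines contain live markup taken straight from storage, while the escaped lines carry the same data as inert text. `htmlspecialchars()` covers HTML element content and quoted attribute values only; values placed in URLs, JavaScript or CSS need escaping suited to those contexts.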
