Anyone know if jsbin.com implements any protection for XSS or other javascript attacks?
I see jsbin links used fairly regularly on sites like this one and I can't find any indication from the site one way or another. If it does implement countermeasures, what kinds of things does it block out? If not, I should probably be more carefu...
Hello,
We have a Learning Management System (LMS) that runs on its own server (IIS/Server 2003). Students must log in with Forms authentication to gain access to the content. We want to offer access to third-party Flash and audio that is embedded in HTML pages hosted on the third-party server (IIS/Server 2003). Currently we use a fram...
A Note
I have a very good understanding of sessions and the theory of secure web-based authentication, etc., so please don't start with the basics, or give ambiguous answers. I am not looking for Best Practices, because I am aware of them. I am looking for the real risks behind them, that make the Best Practices what they are.
I have r...
We are writing a web application to be deployed on our intranet. We want to implement role based security but would like to not write it all from scratch.
Is there anything built into .NET to do this or can anybody recommend a tool.
...
I have to send sensitive information (name, address, social security number etc.) collected from a website, that has been entered by a user, to an e-mail address.
What is the best course of action to make the information secure and easy to extract on the receiver side?
Edit: I will be using ASP.NET for the website, not sure what it ha...
I'm using str_ireplace() to remove instances of strings in an array, and I'm returning the number of counted occurrences, but it's not actually performing the replace.
//replace occurrences of insert, update, delete, select
$dmlArray = array('select', 'update', 'delete', 'insert');
str_ireplace($dmlArray,'-- replaced DML -- ',$clean['com...
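Added example, not the poster's code: it shows why the replace appears not to happen (str_ireplace() returns the new string rather than editing its argument in place, and the count goes into the optional fourth by-reference parameter), and then why stripping DML keywords is not a defence against the SQL injection it is presumably meant to stop. The table, the rows and the in-memory SQLite database are constructed for the example; it assumes the pdo_sqlite extension is available.

```php
<?php
// Added example, not the poster's code.

$dmlArray = ['select', 'update', 'delete', 'insert'];

// str_ireplace() never modifies its subject in place: it RETURNS the new string
// and writes the number of replacements to the optional 4th by-reference arg.
$input    = "Please SELECT my account and delete the old one";
$filtered = str_ireplace($dmlArray, '-- replaced DML -- ', $input, $count);
echo "$filtered (replacements: $count)\n";   // replacements: 2

// Keyword stripping is not an injection defence. This classic payload contains
// none of the listed keywords and passes through the filter untouched.
$payload = "' OR '1'='1";
var_dump($payload === str_ireplace($dmlArray, '-- replaced DML -- ', $payload)); // bool(true)

// The real fix is to keep data out of the query text entirely.
// In-memory SQLite (constructed data) is used only so this runs stand-alone.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (name TEXT, secret TEXT)");
$pdo->exec("INSERT INTO users VALUES ('alice', 's3cret'), ('bob', 'hunter2')");

// Vulnerable: concatenation. The payload turns the WHERE clause into "'' OR '1'='1'"
// and every row comes back.
$sql  = "SELECT name FROM users WHERE name = '" . $payload . "'";
$rows = $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
echo "concatenated query returned " . count($rows) . " rows\n";      // 2

// Safe: the value is bound as a parameter and can never become SQL syntax.
$stmt = $pdo->prepare("SELECT name FROM users WHERE name = ?");
$stmt->execute([$payload]);
$rows = $stmt->fetchAll(PDO::FETCH_COLUMN);
echo "prepared statement returned " . count($rows) . " rows\n";      // 0
```

Besides being bypassable, a keyword filter mangles legitimate input ("selection", "inserted"), so even as defence in depth it does more harm than good; parameterised queries make the filter unnecessary.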
My question is rather similar to this Return “correct” error code, or protect privacy?, but I'd like to hear some different answers.
We have a website, most pages of which may be visited by a user who is not logged in. But when a not-logged-in user tries to access a resource (page) that requires authorization (the user must have the FooRole role), we automati...
When studying XML vulnerabilities, I came across the coercive parsing attack.
Can anybody say what exactly a coercive parsing attack is (in SOA applications)? How does the attack take place? How can one implement this attack using an XML parser in Java?
...
Some older browsers are vulnerable to XSS attacks as such
<img src="javascript:alert('yo')" />
Current versions of IE, FF, Chrome are not.
I am curious if any browsers are vulnerable to a similar attack:
<img src="somefile.js" />
or
<iframe src="somefile.js" />
or other similar where somefile.js contains some malicious script.
...
We use .htaccess a lot for URL redirections and other stuff. Is this any kind of a threat for web security? What are the best practices for a .htaccess file?
...
Is there any way to confirm that a particular breach of security was done through SQL injection?
...
Why do browsers apply the same origin policy to XMLHttpRequest? It's really inconvenient for developers, but it appears it does little in actually stopping hackers.
There are workarounds; they can still include JavaScript from outside sources (the power behind JSONP).
It seems like an outdated "feature" in a web that's largely interlinke...
Hello All,
How can I disable the dangerous eval function? Can that be done using ini_set function?
Also how to disable following functions? Can we disable them using ini_set function?
allow_url_fopen
allow_url_include
exec
shell_exec
system
passthru
popen
stream_select
eval is one of the most dangerous functions that bad guys can u...
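Added example, not part of the question: a small audit script for the settings the question asks about. The facts it relies on are that disable_functions, allow_url_fopen and allow_url_include are PHP_INI_SYSTEM directives, so they can only be set in php.ini (or the php-fpm pool / httpd.conf), never with ini_set(); that eval is a language construct rather than a function, so disable_functions cannot block it; and that stream_select is an ordinary I/O primitive with no sandbox-escape value, so it is left out of the list. The php.ini baseline shown in the comment is an assumed hardening configuration, not something the question states.

```php
<?php
// Added example, not from the question. Reports which of the requested
// restrictions are actually in effect on this PHP install.
//
// Assumed php.ini baseline (cannot be set with ini_set(); restart PHP after editing):
//   disable_functions = exec,shell_exec,system,passthru,popen,proc_open
//   allow_url_fopen   = Off
//   allow_url_include = Off

function audit(): array {
    $findings = [];

    // function_exists() returns false for functions listed in disable_functions,
    // so this is a reliable runtime check.
    foreach (['exec', 'shell_exec', 'system', 'passthru', 'popen', 'proc_open'] as $fn) {
        $findings["function $fn"] = function_exists($fn) ? 'ENABLED' : 'disabled';
    }
    $findings['disable_functions directive'] = ini_get('disable_functions') ?: '(empty)';

    // These are ini directives, not functions; read them with ini_get().
    foreach (['allow_url_fopen', 'allow_url_include'] as $directive) {
        $on = filter_var(ini_get($directive), FILTER_VALIDATE_BOOLEAN);
        $findings["directive $directive"] = $on ? 'ON' : 'off';
    }

    // ini_set() on a PHP_INI_SYSTEM directive fails (returns false) and changes nothing,
    // which is why the question's ini_set() approach cannot work.
    $findings['ini_set(allow_url_fopen) at runtime'] =
        ini_set('allow_url_fopen', '0') === false ? 'rejected, as expected' : 'accepted';

    // eval is a language construct: disable_functions has no effect on it.
    $findings['eval'] = eval('return "still works";');

    return $findings;
}

foreach (audit() as $item => $state) {
    printf("%-40s %s\n", $item, $state);
}
```

Because eval cannot be switched off, the only reliable measures are not calling it on anything derived from input, code review (grep for eval, create_function, preg_replace with the /e modifier on old PHP) and, where available, an extension such as Suhosin that can disable constructs.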
Is there any way to centralize enforcement that every action method must have a "ValidateAntiForgeryToken" attribute? I'm thinking it would have to be done by extending one of the "routing" classes.
Edit: Or maybe do some reflection at application startup?
...
I thought they were there for security; to check that the file hasn't been tampered with. But surely if someone is capable of modifying the file then they are also capable of modifying the page with the hash!
What security does this actually offer?
...
I was looking at templating systems for php, and I've come to believe that pure php code seems to be the solution I want to use.
I'm the lone developer, so there's no designers who need a nerfed arena to work in. Template engines like smarty seem to suffer from the "Inner-platform effect". If I stick with good practices ( pre-computed ...
I use my PHP backend to detect Ajax like this:
$_SERVER['HTTP_X_REQUESTED_WITH'].
This gives me a reliable detection, making sure the request is Ajaxed.
How can I make sure the request came from my own domain, and not an external domain/robot?
www.example.com/ajax?true could allow anyone to make an Ajax call and cut the information.
I...
So you've performed the login using https to prevent man in the middle attacks and make sure your password isn't sent in the clear. Good call. But many sites then switch back to http for the rest of the session.
Once you're exchanging everything in the clear can't a man in the middle begin hijacking your session again? Okay, so they don...
Is there anything wrong with configuring a webserver to map SSL traffic (port 443) to the same document root as normal traffic (port 80)?
Using the same document root for both http and https means you need to implement the following:
On each page that needs to be secure, there needs to be some application code that redirects the user ...
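Added example serving both the session-hijacking question above and this one about sharing a document root between ports 80 and 443 (not code from either poster). Sharing the root is fine; what makes it safe is doing three things on every request rather than per page: redirect plain-HTTP requests before any session handling, mark the session cookie Secure so the browser never sends it over HTTP (which is exactly what the mixed http/https sites in the earlier question fail to do), and send HSTS so the browser stops issuing HTTP requests at all. The hostname www.example.com is assumed, as is a reverse proxy you control if X-Forwarded-Proto is relied on; the array form of session_set_cookie_params() needs PHP 7.3 or later.

```php
<?php
// Added example, not from either question. Intended to run before every page,
// e.g. via auto_prepend_file, so no page has to carry its own redirect code.

function is_https(array $server): bool {
    // 'HTTPS' is set by Apache/IIS on TLS connections. X-Forwarded-Proto is only
    // trustworthy when your own reverse proxy sets it (assumed here).
    return (!empty($server['HTTPS']) && $server['HTTPS'] !== 'off')
        || ($server['SERVER_PORT'] ?? '') === '443'
        || ($server['HTTP_X_FORWARDED_PROTO'] ?? '') === 'https';
}

// Returns the URL to redirect to, or null when the request is already on TLS.
function https_redirect_target(array $server): ?string {
    if (is_https($server)) {
        return null;
    }
    $host = 'www.example.com';   // fixed value, never taken from the Host header
    return 'https://' . $host . ($server['REQUEST_URI'] ?? '/');
}

// ---- request handling ----
if (($target = https_redirect_target($_SERVER)) !== null) {
    header('Location: ' . $target, true, 301);
    exit;
}

// Secure: sent only over TLS. HttpOnly: not readable by injected script.
// Must be called before session_start().
session_set_cookie_params([
    'secure'   => true,
    'httponly' => true,
    'samesite' => 'Lax',
]);
session_start();

// A session id that was ever exposed over plain HTTP is burned; rotate it the
// first time this session is seen on TLS.
if (empty($_SESSION['established_over_https'])) {
    session_regenerate_id(true);
    $_SESSION['established_over_https'] = true;
}

// Tell the browser to rewrite all future http:// links to https:// itself.
header('Strict-Transport-Security: max-age=31536000; includeSubDomains');
```

With the Secure flag set, a site that switches back to HTTP after login simply loses the session, which is the intended failure: the alternative is a cookie that any on-path attacker can read on the first plain-HTTP request and replay over HTTPS.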
See an example here: http://mattpotts.com/portal/
I put an includeme.htm in each directory on the required path to find the point of failure. It works fine on my local machine (windows) with the same directory structure but fails on my remote (linux) server.
Directory structure:
+-firefli/ drwx--x--x
+-private_html/ ...