Lessons In How Not To Implement Application Security
Re: Lessons In How Not To Implement Application Security by 2mNaira: 12:50am On Oct 02, 2016 |
DanielTheGeek: To the best of my knowledge, session IDs are never sent via URL by default unless you specifically request that they be sent via URL. If my memory serves me right, cookies get sent by URL only when you do not allow creation of cookies on your computer. Disabling JavaScript to prevent session hijacking is not a good idea because most applications need JavaScript, so it is not really a pragmatic solution. Besides, there are many other ways of preventing XSS without turning JavaScript off. 1 Like
Re: Lessons In How Not To Implement Application Security by 2mNaira: 12:58am On Oct 02, 2016 |
lekropasky: Of course all code can be reverse engineered. It's just that code that is compiled directly to machine language, like C/C++, is more difficult to reverse engineer than code that compiles to an intermediate language, like Java and C#.
Re: Lessons In How Not To Implement Application Security by Nobody: 7:01am On Oct 02, 2016 |
mnairaland: Next time, read through well... disable JavaScript access to the cookies. The session ID stuff is still worth mentioning, so no one turns it on in production without knowing the risk.
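Added example (not written by any poster in this thread): a small Python check for the two points raised above, session cookies set without HttpOnly (so page scripts can read them) and session IDs carried in URLs. The session cookie/parameter names and the sample headers and URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed session cookie / parameter names; adjust for the framework in use.
SESSION_NAMES = {"phpsessid", "jsessionid", "sessionid", "session_id", "sid"}

def cookie_missing_httponly(set_cookie_value):
    """Return the cookie name if it is a session cookie set without HttpOnly, else None."""
    parts = [p.strip() for p in set_cookie_value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    if name.lower() in SESSION_NAMES and "httponly" not in attrs:
        return name
    return None

def session_params_in_url(url):
    """Return session parameter names found in a URL's query string or ;path parameters."""
    parts = urlsplit(url)
    found = {k for k in parse_qs(parts.query, keep_blank_values=True)
             if k.lower() in SESSION_NAMES}
    for seg in parts.path.split(";")[1:]:  # e.g. /cart;jsessionid=...
        key = seg.split("=", 1)[0]
        if key.lower() in SESSION_NAMES:
            found.add(key)
    return sorted(found)

def audit(headers, urls):
    """Collect findings from (name, value) response headers and URLs emitted by the app."""
    findings, urls = [], list(urls)
    for name, value in headers:
        if name.lower() == "set-cookie":
            cookie = cookie_missing_httponly(value)
            if cookie:
                findings.append(f"cookie {cookie}: no HttpOnly, readable via document.cookie")
        elif name.lower() == "location":
            urls.append(value)  # redirects can leak the ID into logs and Referer headers
    for url in urls:
        for param in session_params_in_url(url):
            findings.append(f"url {url}: session id in parameter {param}")
    return findings

# Constructed sample data, not captured from a real site.
SAMPLE_HEADERS = [("Set-Cookie", "PHPSESSID=abc123; path=/"),
                  ("Set-Cookie", "PHPSESSID=abc123; path=/; HttpOnly"),
                  ("Set-Cookie", "theme=dark; path=/"),
                  ("Location", "https://shop.example/login.php?PHPSESSID=abc123")]
SAMPLE_URLS = ["https://shop.example/cart.php?item=4",
               "https://shop.example/cart;jsessionid=ABC123?item=4"]

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_HEADERS, SAMPLE_URLS)))
```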
Re: Lessons In How Not To Implement Application Security by Nobody: 7:29am On Oct 02, 2016 |
mnairaland: DanielTheGeek: |
Re: Lessons In How Not To Implement Application Security by 2mNaira: 7:55am On Oct 02, 2016 |
DanielTheGeek: OK. Sorry about that. |
Re: Lessons In How Not To Implement Application Security by 2mNaira: 6:47am On Oct 05, 2016 |
@SeunThomas, I hope you have not abandoned this thread.
Re: Lessons In How Not To Implement Application Security by seunthomas: 7:10am On Oct 05, 2016 |
Will continue with the thread later in the week. Need to handle some work-related stuff.