[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Preventing-issues-in-web-UI FAQ?

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Preventing-issues-in-web-UI FAQ?
From: Ralf <ralfml@xxxxxxxxxx>
Date: Thu, 11 Sep 2003 23:26:51 -0700

Hi guys!

Does anyone know of a good concise and exhaustive FAQ regarding the common security issues to look for when developping a web UI?

I already tried to look for the ever-classics filtering ../ out of query arguments, and the basics of the XSS as explained in The Cross-Scripting FAQ. As a web developper, is there more I can do? As a (novice) IT and as a geek I feel I'm missing tons of stuff but there are limits to whatever my imagination can google. Basically I need a preventing-issues-in-web-UI-rather-than-fix faq.

R/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] Foundstone DCOM Scanner
Next by Date: [Full-Disclosure] MDKSA-2003:089 - Updated XFree86 packages fix multiple vulnerabilities
Previous by thread: RE: [Full-Disclosure] RE: Symantec wants to criminalize security info sharing
Next by thread: [Full-Disclosure] MDKSA-2003:089 - Updated XFree86 packages fix multiple vulnerabilities
Index(es):
- Date
- Thread