Pragmatic Programmer Issues

Importance of Security

Everybody knows web applications are now the de facto standard in daily use. We are going even further as we have more and more mobile devices.
We are building our apps in such a way that we can access them from mobile phones, tablets and even e-book readers.

So nobody should be surprised that companies involved in web standards have published articles focused on web application security.

  • Google: Browser Security Handbook
  • Google: Web Application Exploits and Defenses: part one, part two, part three, part four, part five.
  • A great live, step-by-step tutorial on the Gruyere application. It is challenging.
  • Mozilla: WebAppSec/Secure Coding Guidelines – Here are some quick wins.
    • For all cookies, set the HttpOnly and Secure flags
    • Make sure login pages are only served on HTTPS and all authenticated pages are only served on HTTPS
    • Don’t trust any user data (input, headers, cookies, etc.). Make sure to validate it before using it
  • Last but not least, the OWASP site is one of the best security information sites.
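
The first two Mozilla quick wins above can be checked mechanically from response headers. The following is an added example, not code from the original post or from Mozilla's guidelines: it audits Set-Cookie headers for the HttpOnly and Secure flags and flags pages served without HTTPS. The function names, the `app.example` URLs and the sample headers are constructed for illustration, and every audited URL is assumed to be a login or authenticated page.

```python
# Added example: audit responses against the cookie and HTTPS quick wins.

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    # Attribute names are case-insensitive, so normalise before comparing.
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def audit_response(url, headers):
    """Return findings for one response.

    headers is a list of (name, value) pairs so that repeated
    Set-Cookie headers are all preserved and checked.
    """
    findings = []
    if not url.lower().startswith("https://"):
        findings.append(f"{url}: page served without HTTPS")
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        for flag in ("httponly", "secure"):
            if flag not in attrs:
                findings.append(f"{url}: cookie '{name}' missing {flag}")
    return findings

# Constructed sample responses (not captured from a real site).
SAMPLES = [
    ("http://app.example/login", [
        ("Content-Type", "text/html"),
        ("Set-Cookie", "session=abc123; Path=/"),
    ]),
    ("https://app.example/account", [
        ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly"),
        ("Set-Cookie", "prefs=dark; Path=/; secure"),
    ]),
]

def audit_all(samples=SAMPLES):
    """Audit every sample response and return the combined findings."""
    results = []
    for url, headers in samples:
        results.extend(audit_response(url, headers))
    return results

if __name__ == "__main__":
    for line in audit_all():
        print(line)
```
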

Happy Hacking your apps