Random facts about basic principles of web application security. Sometimes slight improvements to our code can prevent even 80% of possible attacks against web applications. Why not do so?
3. Stealing SESSION (using XSS)
- sending cookies to 3rd party host
- using this cookie
- we are in :)
4. Prevention against XSS
- simple solution (<c:out value="${variable}" escapeXml="true"/>)
- sanitize data
- store encoded (yyy..?)
5. Prevention against stealing cookie
- making it HTTP only (and secure)
- fingerprint as an implicit 'secret'
- token must not be sequential (randomly distributed)
8. Maybe better… make it BF proof
- make it computation intensive (1024 iterations of SHA1 take time)
- use better algorithms (BCrypt)
- use masking
9. Last Question:
What is http://3585379724 ?
or http://mb@nk.pl ?
or even worse http://mbank.pl@3585379724 ??
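As an added example (not part of the original slides), the following Python shows how a defender can answer the last question automatically: it works out which host a browser will really contact for each link and flags the tricks used (userinfo before the host, a host written as a decimal integer). TRUSTED_HOSTS and the sample links are constructed for the demonstration.

```python
import ipaddress
from urllib.parse import urlsplit

# Hypothetical allow-list of hosts the application really sends users to.
TRUSTED_HOSTS = {"mbank.pl", "www.mbank.pl"}


def analyze(url: str) -> dict:
    """Work out which host a browser will actually contact and list the
    deceptive tricks present in the URL. Returns the effective host, the
    findings, and whether that host is on the allow-list."""
    parts = urlsplit(url)
    findings = []
    host = parts.hostname or ""

    # Anything before '@' is userinfo; browsers ignore it when choosing
    # the server, so "http://mbank.pl@..." never talks to mbank.pl.
    if parts.username is not None:
        findings.append("userinfo-before-host")
        if parts.username.lower() in TRUSTED_HOSTS:
            findings.append("trusted-name-in-userinfo")

    # A host given as a bare integer (e.g. 3585379724) is a valid IPv4
    # address in decimal form; normalise any IP literal to dotted quad.
    try:
        host = str(ipaddress.ip_address(int(host) if host.isdigit() else host))
        findings.append("ip-literal-host")
    except ValueError:
        pass  # a normal DNS name, or an empty host

    return {"host": host, "findings": findings, "trusted": host in TRUSTED_HOSTS}


# Constructed sample: the three links from the last slide plus a benign one.
SAMPLE_LINKS = [
    "http://mbank.pl/login",
    "http://3585379724",
    "http://mb@nk.pl",
    "http://mbank.pl@3585379724",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        r = analyze(link)
        verdict = "ok" if r["trusted"] and not r["findings"] else "SUSPICIOUS"
        print(f"{link:30} -> {r['host']:18} {verdict} {r['findings']}")
```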