Thursday, November 18, 2010

OWASP Guide to Building Secure Web Applications and Web Services

The OWASP Guide to Building Secure Web Applications and Web Services should be compulsory reading for any web developer who wishes to take security seriously (which should be all web developers). It sets out many principles that help with the mindset required when thinking about security.

If reading a big fat document is not for you, then have a look at the video of the seminar Mike Andrews gave at Google a couple of years back, How To Break Web Software.

Reference:
http://stackoverflow.com/questions/38875/best-way-to-avoid-code-injection-in-php
http://en.wikipedia.org/wiki/Code_injection
