How many ways can malicious input reach your web application? According to OWasp: • Browser input • Cookies • Property files • External processes • Data feeds • Service responses • Flat files • Command line parameters • Environment variables Any of these inputs could be manipulated to be malicious. Be sure to validate all the inputs that your application uses.
Check out the full OWasp guide for more cool tips: This was written by Edward Delaporte. Posted on Friday, March 27, 2009, at March 27. Filed under Programming, Security. Bookmark the permalink. Follow comments here with the RSS feed. Both comments and trackbacks are currently closed.