News Feed
Jobs Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Mind Tree:
Testing your web application
August 14, 2008 @ 12:04:52

This recent post from the Mind Tree blog shares a few methods for testing your web application (not unit test, just general things).

Because the Web "environment" is so diverse and contains so many forms of programmatic content, input validation and sanity checking is the key to Web applications security. This involves both identifying and enforcing the valid domain of every user-definable data element, as well as a sufficient understanding of the source of all data elements to determine what is potentially user definable.

They note that the root of most problems is input validation - most applications either just don't do it or do it poorly. They include a few tips on first security the environment the application is running in (like checking the HEAD/OPTIONS values and ensuring you're only allowing known file extensions and directories). They also mention the insecurity behind HIDDEN form elements and some issues surrounding user authentication.

0 comments voice your opinion now!
testing application input validation authentication user environment


blog comments powered by Disqus

Similar Posts

Ilia Alshanetsky's Blog: 5.2.1 RC3 Released for testing

Padraic Brady's Blog: ext/snarl: PHP interface to the Windows Snarl Notification Tool API

PHPClasses.org: Responsive AJAX applications with COMET

PHPImpact Blog: Open-source PHP applications that changed the world

CodeForest.com: Creating simple tasks app with Backbone.js and Slim micro framework (part 1)


Community Events











Don't see your event here?
Let us know!


podcast facebook package hack composer application opinion component framework support performance release unittest database symfony2 install language security introduction hhvm

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework