Is worrying about XSS,CSRF,sql injection, cookie stealing enough to cover web-security?

前端 未结 5 783
醉话见心
醉话见心 2021-02-09 12:55

Web applications on uncompromised computers are vulnerable to XSS,CRSF,sql injection attacks and cookie stealing in unsecure wifi environments.

To prevent those security

5条回答
  •  予麋鹿
    予麋鹿 (楼主)
    2021-02-09 13:25

    It definitely is not enough! There are several other security issues you have to keep in mind when developing a web-app. To get an overview you can use the OWASP Top-Ten

    I think this is an very interesting post to read when thinking about web-security: What should a developer know before building a public web site? There is a section about security that contains good links for most of the threats you are facing when developing web-apps.

    The most important thing to keep in mind when thinking about security is: Never trust user input!

    [I am answering to this "old" question because I think it is always an actual topic.]

提交回复
热议问题