Website - Eduguru - Page 9

Tutorial Web Hosting Website

HTTPS

April 15, 2020 Krishna authentication mechanism, basic, Digest, HTTP Authentication, HTTP protocol, HTTP Proxies, HTTP proxy server, HTTP/S, NTLM, proxy server, Secure Sock- ets Layer (SSL), transport layer security, transport mechanism, Web Application Technologies

The HTTP protocol uses plain TCP as its transport mechanism, which is unencrypted and so can be intercepted by an

Tutorial Web Hosting Website

Status Codes

April 15, 2020 Krishna 100 Continue, 200 Ok, 201 Created, 301 Moved Permanently, 302 Found, 304 Not Modified, 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, 405 Method Not Allowed, 413 Request Entity Too Large, 414 Request URI Too Long, 500 internal server error, 503 Service Unavailable, Status Codes, Web Application Technologies

Each HTTP response message must contain a status code in its first line, indicating the result of the request. The

Tutorial Web Hosting Website

Cookies

April 15, 2020April 15, 2020 Krishna cookie mechanism, Cookies, domain, Expires, http, HTTP protocol, secure, Set-Cookie, Web Application Technologies

Cookies are a key part of the HTTP protocol which most web applications rely upon, and which can frequently be

Tutorial Web Hosting Website

HTTP Headers

April 15, 2020 Krishna Accept, Authorization, Cache-Control, Connection, Content-Encoding, Content-Length, Content-Type, Cookie, Expires, HOST, HTTP Headers, HTTP supports, If-Modified-Since, If-None-Match, Location, Referer, Response Headers, server, Transfer-Encoding, User-Agent, WWW-Authenticate

HTTP supports a large number of different headers, some of which are designed for specific unusual purposes. Some headers can

Tutorial Web Hosting Website

The HTTP Protocol

April 15, 2020 Krishna HEAD, HTTP method, HTTP Methods, HTTP Requests, HTTP Responses, TCP protocol, The HTTP Protocol, TRACE, uniform resource locator, URLs, Web Application Technologies, World Wide Web

The hypertext transfer protocol (HTTP) is the core communications protocol used to access the World Wide Web and is used

Tutorial Website

Web Application Technologies

April 15, 2020April 15, 2020 Krishna Encoding Schemes, HTTP protocol, The HTTP Protocol, Web Application Technologies, Web Functionality

Web applications employ a myriad of different technologies to implement their functionality. This article contains a short primer on the

Tutorial Website

Managing the Application

April 14, 2020April 14, 2020 Krishna administrative function, administrative interface, administrative interface within a web application, administrators, authentication mechanism, Managing the Application

Any useful application needs to be managed and administered, and this facility often forms a key part of the application’s

Tutorial Website

Handling Attackers

April 14, 2020 Krishna Alerting Administrators, attackers, Core Defense Mechanisms, Handling Errors, IP address, Maintaining Audit Logs, scripted attack, security-critical applications

Anyone designing an application for which security is remotely important must work on the assumption that it will be directly

Tutorial Website

Handling User Input

April 14, 2020 Krishna “Accept Known Good”, “Reject Known Bad”, application performing input validation, Approaches to Input Handling, Boundary Validation, Core Defense Mechanisms, HTML mark-up, Safe Data Handling, Sanitization, Semantic Checks, Varieties of Input, web application

Recall the fundamental security problem described in Chapter 1: all user input is untrusted. A huge variety of different attacks

Tutorial Website

Handling User Access

April 13, 2020 Krishna Access Control, attack surface, Authentication, Core Defense Mechanisms, enforcing access control, enforcing session timeout, Handling User Access, HTTP request, security vulnerabilities, Session Management, typical login function, URL query, web application

A central security requirement that virtually any application needs to meet is to control users’ access to its data and