Handling Client-Side Data Securely

Transmitting Data via the Client: Many applications leave themselves exposed because they transmit critical data such as product prices and discount rates via the client in an unsafe manner. If possible, applications should avoid transmitting this kind of data via the client altogether. In virtually any conceivable scenario, it is possible to hold such data …

ActiveX Controls

ActiveX controls are a much more heavyweight technology than Java applets. They are effectively native Win32 executables that, once accepted and installed by the user, execute with the full privileges of that user and can carry out arbitrary actions, including interacting with the operating system. ActiveX can be used to implement practically any client-side control, …

Application Pages vs. Functional Paths

The enumeration techniques described so far have been implicitly driven by one particular picture of how web application content may be conceptualized and catalogued. This picture is inherited from the pre-application days of the World Wide Web, in which web servers functioned as repositories of static information, retrieved using URLs that were effectively filenames. …

User-Directed Spidering

This is a more sophisticated and controlled technique, which is usually preferable to automated spidering. Here, the user walks through the application in the normal way using a standard browser, attempting to navigate through all of the application’s functionality. As he does so, the resulting traffic is passed through a tool combining an intercepting proxy …

Client-Side Functionality

In order for the server-side application to receive user input and actions, and present the results of these back to the user, it needs to provide a client-side user interface. Because all web applications are accessed via a web browser, these interfaces all share a common core of technologies. However, these have been built upon …

Download HeidiSQL

Downloads: Installer, 32/64 bit combined; Portable version (zipped): 32 bit, 64 bit; Microsoft Store App, 32 bit; Sourcecode. HeidiSQL runs fine on Windows XP, Vista, 7, 8 and 10. Running on Wine requires overriding Wine’s builtin Direct2D library with the native one. Previous installers can be downloaded here. HeidiSQL is a useful and …

CSS Selectors – manipulate HTML element : Chapter 3

CSS selectors allow you to select and manipulate HTML element(s). CSS selectors are used to “find” (or select) HTML elements based on their id, classes, types, attributes, values of attributes and much more. 1. The element Selector: The element selector selects elements based on the element name. You can select all <p> elements on …