Web Security Programming

Name: Deng Yong class: Software 151

SQL injection attacks:
The most vulnerable to the programmer's programming negligence is the vulnerability of SQL injection and Xss,sql injection is a serious case of leaking the entire database information, the consequences of unimaginable, the consequences of XSS serious situation caused the user information leakage. Take MyBatis as an example of how to prevent SQL injection, one of the following query statements:
SELECT * from answer a where a.username=#{username}
You can also write in a different way:
SELECT * from user u where u.username= ' ${username} '
There are two types of SQL processing in MyBatis, one is dynamicsqlsource for dynamic splicing of SQL, and the other is Rawsqlsource, static SQL (already precompiled).
MyBatis to #{} is static pre-compilation, SQL Parameterization, assuming that the user username we do not filter, direct use, if the input is "Vince ' or ' 1 ' = = ' 1", it is expected that the processing of the compilation will be escaped to certain characters, the database will match the entire string, However, the processing of ${} is stitched into a new SQL, after the concatenation of SQL as follows:
SELECT * from user u where u.username= ' Vince ' or ' 1 ' = = ' 1 '
is not the result is not what we expected, the serious situation will make the entire database is compromised, to prevent SQL injection method has a lot of, the user input parameters of strict validation also can avoid such problems, but the database at the beginning of the design has helped us to think about the solution, is the SQL pre-compilation, Not only improves execution efficiency, but also prevents SQL injection.

Cross-site scripting attacks:
The cross-site scripting attack is also a developer-generated software vulnerability, the developer did not escape the display of text, resulting in user-uploaded malicious script executed in the browser, which is also called code injection, developers can also be avoided by strict parameter checking and filtering, but also can use tools processing, For example, Freemarker.template.utility.StringUtil.XMLEncNA (String) in the Freemarker template frame,
The content entered by the user is <script>alert (' hel ');</script> processed into &lt;script&gt;alert (' hel '); &lt;/script &gt; So the browser will not execute this script, but eventually in the browser will still show as <script>alert (' Hel ');</script>, imagine, if this is not alert a string, but rather introduce an external JS file, The action in this file is to obtain the user's Cookie,cookie may contain a site's valid session SessionID, and then send the acquired data to a mailbox, malicious people can use this session to log on to the site, the consequences imaginable.
Especially in the file upload, the user input box, the developer must have a strict awareness of prevention, do not rely on client JS authentication, any user input verification to verify two times, at least the server to check once.
There is an organization www.owasp.org/in the web security do very good, public welfare, contributed a lot of information worthy of our developers to learn.
Top 10 security holes in 2013
Safety Testing Guide
Security Coding Specification
Other safety precautions:
There are many bad coding habits that are prone to security breaches, such as the non-emphasis on passwords, the SQL backdoor in the software, and, of course, not all vulnerabilities are caused by developers

Web Security Programming