Use Named Queries with Hibernate
Applies to: Java web-based applications using Hibernate. Summary: Executing Named Queries using Hibernate. Objectives: Use Hibernate named queries to pe...
Cross-Site Request Forgery (CSRF) Prevention Using Struts 2
Applies to: Java, Struts 2. Summary: Perform CSRF prevention using Struts 2 within an application. Objectives: CSRF prevention is a key security control ...
Display Simple Error Messages
Applies to: PHP. What to Do: Show simple error messages that don't contain too much information. Write detailed information to log files. Why: Error mes...
Destroy Sessions When Users Log Out in PHP
What to Do: Invalidate sessions when users log out. Why: Invalidating sessions when users log out makes it harder to hijack them. How: To invalidate sess...
Protect Session IDs in PHP
What to Do: Protect session IDs from disclosure by only storing them in session cookies, sending session cookies only over SSL and setting security fla...
Use Strong Session IDs in PHP
What to Do: Configure PHP to use strong session IDs. Why: Making session IDs cryptographically stronger makes them more difficult to predict and to hija...
How to Prevent SQL Injection in ASP.NET
Summary: This How to shows a number of ways to help protect your ASP.NET application from SQL injection attacks. SQL injection can occur when an applic...
Disable Dangerous Functions in PHP
What to Do: Disable unused dangerous functions by configuring PHP. Verify that if dangerous functions are used, they are used safely. Why: Disabling dan...
Set Strict Domain and Path Values on Session Cookies in PHP
What to Do: Set strict domain and path values on session cookies. Why: Setting strict domain and path values on session cookies makes it harder for atta...
How to Prevent Cross-Site Scripting in ASP.NET
Summary: This How to shows how you can help protect your ASP.NET applications from cross-site scripting attacks by using proper input validation techn...