Dangers of CSRF and XSS
Monday 27 July 2009 1:59:13 am
Hopefully, this brief overview of XSS and CSRF was an eye-opener, showing the dangers posed by these exploits and highlighting the need for taking steps to prevent them. We have shown you how simple it is to deploy mechanisms against those attacks. Now the security of your server lies in your hands: if you apply those principles while writing your code, you will be able to diminish the risk of unauthorized access and prevent potential losses.
Resources
- http://www.secunia.com - security alerts related to the popular software products
- http://phpsec.org/ - PHP Security Consortium
- http://hakin9.org - hakin9, a magazine about hacking and security
- http://pear.php.net/package/HTML_BBCodeParser - BBCode parser
- http://pixel-apes.com/safehtml - SafeHTML package by Pixel-Apes
- http://shiflett.org/ - personal web site of Chris Shiflett