devel:security
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
| devel:security [2015-11-07 16:18] – [Security Guidelines for Plugin Authors] 50.141.100.133 | devel:security [2016-06-20 20:32] – [Typical Vulnerability Example] Grammar 139.174.200.55 | ||
|---|---|---|---|
| Line 8: | Line 8: | ||
| A list of the most common security issues and how to avoid them can be found on this page. A short summary: | A list of the most common security issues and how to avoid them can be found on this page. A short summary: | ||
| * Cross Site Scripting (XSS) -- inserts malicious code into website to manipulate site in browser of user | * Cross Site Scripting (XSS) -- inserts malicious code into website to manipulate site in browser of user | ||
| - | * Cross Site Request Forgery (CSRF) -- tricks to let you self do unknowingly | + | * Cross Site Request Forgery (CSRF) -- tricks to let you self do unknowingly |
| * Remote Code Inclusion -- includes code on server that's executed there | * Remote Code Inclusion -- includes code on server that's executed there | ||
| - | * Information leaks -- there is too much information | + | * Information leaks -- there is too much information |
| * SQL injection -- one can do unwanted requests on your data | * SQL injection -- one can do unwanted requests on your data | ||
| Line 199: | Line 199: | ||
| </ | </ | ||
| - | What the user's browser | + | What will the user's browser do then? |
| The browser will process this image as any other and will send a request to this URL. Your plugin will then see that $_GET[' | The browser will process this image as any other and will send a request to this URL. Your plugin will then see that $_GET[' | ||
devel/security.txt · Last modified: 2023-08-14 13:41 by Klap-in