Client Side Input Validation

Data validation must not be carried out on the client side unless the same validation is mirrored on the server side, which means that security should not be implemented in JavaScript, Flash, or within an applet alone.

JavaScript can be manipulated to alter its functionality, or it can simply be turned off. A common assumption is that the user is actually using a web browser to view the page, whereas an attacker may be using a command-line utility that doesn't parse JavaScript at all.

Applets can generally be decompiled to reveal the underlying source code, allowing an attacker to determine what client-side input validation is taking place. These weak security measures can always be bypassed by using a local proxy to capture and alter the request data, or by using a JavaScript debugger to manipulate the client-side security at runtime.
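
The mirroring described above, as an added example (not code from the original article): a Node.js handler that re-applies the form rules to the raw request body, whatever the browser may already have checked. The field names, rules and sample request bodies are constructed assumptions.

```javascript
// Added example: the rules, field names and request bodies are constructed.
// One rule set: the browser may run it for quick feedback, the server must run it.
const RULES = {
  username: v => typeof v === 'string' && /^[a-z0-9_]{3,20}$/.test(v),
  age: v => typeof v === 'string' && /^\d{1,3}$/.test(v) && Number(v) >= 13 && Number(v) <= 120,
  plan: v => v === 'free' || v === 'pro',
};

// Returns the names of fields that are missing, malformed or not expected.
function validate(fields) {
  const errors = [];
  for (const [name, isValid] of Object.entries(RULES)) {
    if (!isValid(fields[name])) errors.push(name);
  }
  for (const name of Object.keys(fields)) {
    if (!Object.prototype.hasOwnProperty.call(RULES, name)) errors.push(name);
  }
  return errors;
}

// Server-side handler: takes the raw form-encoded body as it arrived on the wire.
// It has no way to know whether any client-side check ran, so it assumes none did.
function handleSignup(rawBody) {
  const fields = Object.create(null); // no inherited keys such as "constructor"
  for (const [key, value] of new URLSearchParams(rawBody)) {
    if (key in fields) return { status: 400, errors: [key] }; // repeated field
    fields[key] = value;
  }
  const errors = validate(fields);
  return errors.length === 0 ? { status: 200, errors } : { status: 400, errors };
}

// Constructed request bodies for the three situations the article describes.
const SAMPLES = {
  browser: 'username=alice_01&age=34&plan=free',          // passed the client check
  editedInTransit: 'username=alice_01&age=34&plan=admin', // changed after the check
  noJavaScript: 'username=%3Cb%3E&age=-1',                // client never ran the check
};

for (const [label, body] of Object.entries(SAMPLES)) {
  const result = handleSignup(body);
  console.log(label, result.status, result.errors.join(',') || 'ok');
}
```

Only the first body is accepted; the other two are rejected with status 400 because the decision is made on the server, where the client cannot alter it.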
