O Preventing Web Feed Hacking White List Input Validation

From a developer's point of view, the reader software should be designed to white-list specific HTML tags, such as <cTypeface:Bold> or <h1>, and reject anything that doesn't fall within these rules. White listing is the best way to perform any input validation for web applications or web-related software, since black listing generally doesn't catch all malicious input and can, therefore, be bypassed.

Unfortunately, as a user you can't do much to stop this type of attack from happening due to the nature of web feeds. The only real protection that you can take is to use only well-known and trusted web feed readers in the hope that the developers are experienced, know the risks, and have implemented secure input validation checks within the software. The default configuration of web feed readers should also be checked to ensure that any insecure options are hardened down, such as automatic subscriptions.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment