Web app security
OWASP AppSecLive appseclive.org
HTTP response: HTTP version, status code, short human readable message.
HTTP messages:
1xx info only
2xx success
3xx redirects
4xx client side errors
5xx server errors
Cookies
- On logout, or when the browser session is done, set the cookie's expiry to a date in the past and the browser will delete the cookie.
- Set the cookie to 'Secure' so it will only be sent over HTTPS, and 'HttpOnly' so JavaScript can't get to the cookie.
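The two cookie notes above as a small Python sketch, added here as an example and not part of the original notes: it builds the Set-Cookie values for login and logout, and audits any Set-Cookie value for the missing flags. The cookie name `session` and the sample token are assumptions.

```python
from datetime import datetime, timezone
from email.utils import format_datetime, parsedate_to_datetime

COOKIE_NAME = "session"  # assumed cookie name, not from the original notes


def login_cookie(token):
    """Set-Cookie value for a new session: HTTPS only, hidden from JavaScript."""
    return f"{COOKIE_NAME}={token}; Path=/; Secure; HttpOnly"


def logout_cookie():
    """Set-Cookie value that makes the browser delete the cookie (date in the past)."""
    past = format_datetime(datetime(1970, 1, 1, tzinfo=timezone.utc), usegmt=True)
    return f"{COOKIE_NAME}=; Path=/; Expires={past}; Secure; HttpOnly"


def audit_set_cookie(header_value, now=None):
    """Return (missing_flags, expired) for one Set-Cookie header value."""
    now = now or datetime.now(timezone.utc)
    attrs = {}
    for part in header_value.split(";")[1:]:  # first part is name=value
        key, _, value = part.strip().partition("=")
        attrs[key.lower()] = value
    missing = [flag for flag in ("Secure", "HttpOnly") if flag.lower() not in attrs]
    expired = False
    if "expires" in attrs:
        when = parsedate_to_datetime(attrs["expires"])
        if when.tzinfo is None:  # treat a zone-less date as UTC
            when = when.replace(tzinfo=timezone.utc)
        expired = when < now
    return missing, expired


if __name__ == "__main__":
    samples = [login_cookie("constructed-token"), logout_cookie(),
               f"{COOKIE_NAME}=constructed-token; Path=/"]  # last one lacks both flags
    for value in samples:
        print(value, "->", audit_set_cookie(value))
```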
WebGoat: awesome tool with tutorials