Reputation: 55283
What are the common website vulnerabilities, and the programming languages related to them?
As far as know, I must be careful with PHP, and I think Javascript. What else?
Upvotes: 1
Views: 606
Answers (2)
Reputation: 1295
OWASP provides an annual report describing the top ten web application security flaws (see link below for description of the project and the most recent report). As SLaks wrote, many vulnerabilities are independent of the language. Web applications need to be designed with security in mind.
http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
Upvotes: 1
Reputation: 887479
Security vulnerabilities are (mostly) independent of the language involved (except for memory issues).
Instead, you should focus on tasks with potential vulnerabilities, such as processing user input or handling sensitive data.
Some things to watch out for:
- Always use parameters in SQL
- Always escape correctly (when generating HTML, JSON, Javascript strings, or anything else)
- Be extremely careful when executing code dynamically (eg,
eval, automatic updates, etc) - Always validate user input on the server
You should also read articles about security, such as the Top 25 Most Dangerous Programming Errors.
Upvotes: 5
Related Questions
- detecting vulnerabilities in web applications and desktop applications
- Is there a stable Programming Language for Web Programming?
- Checklist for Web Site Programming Vulnerabilities
- What are the most common vulnerability types in well designed code bases like Joomla or vBulletin?
- What type of attacks are possible on web applications?
- What are the possible security threats that any web application may face?
- What are most common programming scenarios encountered during programming Web Applications?
- Subtle software security bugs in webapps
- web application attacks and must have defence methods