About the Author

Chris Shiflett is an author and speaker who leads the web application security practice at OmniTI.

Foiling Cross-Site Attacks

Fri, 26 Mar 2004 at 05:47:46 GMT
0 Comments
References

For the PHP developers who are interested in learning more about Cross-Site Scripting (XSS) or Cross-Site Request Forgeries (CSRF), I'm happy to announce that Foiling Cross-Site Attacks is now available for free from my Web site.

This article, originally published in the Oct 2003 issue of php|architect, describes both attacks as well as several best practices that can help you protect your applications. Thanks to php|architect for allowing me to make this information freely available.

About This Post

Foiling Cross-Site Attacks was posted on Fri, 26 Mar 2004 at 05:47:46 GMT.

0 Comments

Upcoming Talks

O'Reilly Open Source Convention

21 - 25 Jul 2008

At Oregon Convention Center, Portland, Oregon.

ZendCon

15 - 18 Sep 2008

In Santa Clara, California.

PHP Appalachia

11 - 14 Oct 2008

At Big Bear Lodge, Gatlinburg, Tennessee.

New Comments

Amir wrote:: Hi chris! Please check this and guide me: http://forums.devnetwork.net/viewtopic.php?f=34&t=8...; Posted in
Nathan Bentley wrote:: Hi Chris, A great tutorial, which should help a lot of people! We implemented something simil...; Posted in
Daniel S wrote:: Just recently I sold my 1.gen Macbook(core duo version). And to be honest, I don't miss it for on...; Posted in Top X List of Mac OS X Annoyances
Buke Beyond wrote:: I agree it is ridiculous that php is doing this. I am using php for generating commands for othe...; Posted in PHP Stripping Newlines
Davis Ford wrote:: I agree, although I have a list of many more annoyances. However, rather than complain about the...; Posted in Top X List of Mac OS X Annoyances