15 Cards in this Set

Does HTTP carry state?

No.

How is a session maintained between a client and a server over stateless HTTP?

With user data: either a heartbeat over HTTPS, or a cookie/hidden field, is maintained.

What are the 2 main ways of keeping a user logged in?

• hidden fields
• cookies

What is the disadvantage of hidden fields?

They are tedious and time-consuming to program; pages must be dynamically generated.

What is a cookie and what attributes does it have?

A cookie is a small piece of data stored in the browser. It has a name and a value, plus other attributes such as domain and path, expiration date, version number, and comments. It is automatically included in all subsequent requests to the server.

What is the same origin policy?

The same origin policy prevents cookies, the DOM and other resources from one domain from being accessible to another.

Which security attribute should always be set for session cookies?

HttpOnly

What is the DOM?

The Document Object Model is a tree data structure which represents the page, accessible to scripts to allow them to manipulate it.

How can a session be hijacked?

• session key can be guessed (if not random)
• session key can be intercepted (if sent over HTTP)
• cross-site scripting
• cross-site request forgery

What is CSRF and how can it be prevented?

Cross-site request forgery is when a custom URL is crafted, such as http://bank.com?transfer.do?to=eve&amount=allOfTheCash, and the victim is then tricked into loading it while logged in, so that they have a valid cookie. It can be prevented by the server validating the cookie, checking the HTTP Referer and making sure it is from the server's own domain. It can also be prevented by including a secret in the URL or a hidden field: the value of the cookie.

What is XSS?

XSS is a type of injection in which malicious scripts are injected into otherwise benign and trusted websites.
What is a stored XSS?

A stored XSS attack is one where the script has been injected and stored on the server, such as in a forum.

What is a reflected XSS attack?

A reflected XSS attack is one where a script is injected through the URL and a vulnerable page displays part of the URL on the page without HTML escaping, so it is parsed as HTML and a malicious script can be inserted. The attacker then has to trick the victim into clicking the link, such as http://vulnerable.com?display=

How can you defend against reflected XSS?

On the 'reflection' server, escape any user input you display on the page. On the server being attacked, check the HTTP Referer and use the session ID in the URL or in a hidden field.

How can you defend against XSS?

• escape user input
• have a whitelist of scripts