Abstract

The article presents the main provisions of the construction of web applications. The mechanism of the application protocol HTTP in the development of web applications. The description of the operation of HTTP status codes and their processing in the user’s browser is given. Describes how to use status codes in the development of web applications. An example of working with a redirection code and header is given. A definition and characterization of execution vulnerabilities after redirection is proposed. Examples of applications vulnerable to run after redirection to server programming languages PHP and Ruby on Rails are given. Describes the problem of typical solutions to neutralize the vulnerability of execution after redirection. A way of writing the source code of the application, taking into account the possibility of execution vulnerabilities after redirection, is proposed. Provides recommendations for writing code.

Highlights

  • Введение На фоне роста количества веб-ресурсов растет и количество угроз их безопасности

  • Для ее понимания необходимы хо‐ рошие знания функционирования Интернета и сети в целом

  • Examples of applications vulnerable to run after redirection to server programming languages PHP and Ruby on Rails are given

Read more

Summary

Introduction

Введение На фоне роста количества веб-ресурсов растет и количество угроз их безопасности. В заголовок обычно выносится сервисная информация, не нужная большинству пользовате‐ лей, а в теле обычно содержится сам исходный код веб-страниц, которые пользователь видит в своем браузере. Для этих целей в протоколе HTTP было введено понятие кода ответа. Обычно подразу‐ мевается, что исполнение кода на стороне сервера заканчивается перенаправлением, так как в брау‐ зере уже отображается другая страница [3].

Results
Conclusion
Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Model-driven development of composite web applications
Georgia M Kapitsaki ... Christos A Pappas
-
Georgia M Kapitsaki, et. al.Georgia M Kapitsaki ... Christos A Pappas
24 Nov 2008
Design and Implementation of the Framework for Spring+SpringMVC+MyBatis in the Development of Web Application
Yuxiang Hou
-
Yuxiang HouYuxiang Hou
01 Dec 2017
Support for development and test of web application: A tree-oriented model
Min Cao ... Zhen Cao
Journal of Shanghai University (English Edition) | VOL. 15
Min Cao, et. al.Min Cao ... Zhen Cao
01 Oct 2011
Web Application Lifecycle: Combining Important Actors and Factors in Web Development
Ricky Jiandy
Ultimatics : Jurnal Teknik Informatika | VOL. 7
Ricky JiandyRicky Jiandy
01 Jun 2015
View more papers

More From: Issues of radio electronics

Paper Title
Journal
Date
Author
Statement of problem of synthesizing structure of information-monitoring network of high-tech instrument-making products
V Balashov ... E Semenova
Issues of radio electronics | VOL. -
V Balashov, et. al.V Balashov ... E Semenova
31 Aug 2021
Mathematical modeling of information leakage prevention processes on parametric channels in of management activity
S Skryl ... A Boronenkov
Issues of radio electronics | VOL. -
S Skryl, et. al.S Skryl ... A Boronenkov
31 Aug 2021
Methods for studying «antenna-radome» system using planar and cylindrical scanners
A Kirpanev ... N Kirpanev
Issues of radio electronics | VOL. -
A Kirpanev, et. al.A Kirpanev ... N Kirpanev
31 Aug 2021
Using IoT devices for fast data processing
A Anufrienko
Issues of radio electronics | VOL. -
A AnufrienkoA Anufrienko
31 Aug 2021
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.