|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Mark Curphey (mcurphey_at_onebox.com)
Date: Wed Jul 10 2002 - 14:43:31 CDT
You should find what you are looking for in the Common Attacks section
of the OWASP Guide to Building Secure Web Apps....its under forms field
manipulation and URL manipulation in particular....
Its at http://www.owasp.org
---- "Steven Fling" <SFLING
oppenheimerfunds.com> wrote:
> Our application communicates across various application server environments
> via HTTP/HTTPS requests (versus RMI, etc.) and needs to pass data/parameters
> back and forth. Naturally we use SSL to encrypt the request/response.
>
> I wanted to see if there were any Best Practices established to transfer
> data in this fashion. POST vs. GET method, querystring vs. hidden
> form variable, etc.
>
> Any insight would be appreciated!
>
> ____________________________________
> Steve Fling
> Managing Architect - Web Development
> OppenheimerFunds, Inc.
> sflingoppenheimerfunds.com
> Office: 303.768.3200
> FAX: 303.768.1096
> http://www.oppenheimerfunds.com
> ____________________________________
>
>
> This electronic mail transmission may contain confidential information
> and is intended only for the person(s) named. Any use, copying or
> disclosure by any other person is strictly prohibited. If you have
> received this transmission in error, please notify the sender via e-mail.
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]