O'Reilly Open Source Convention.
Books Safari Bookshelf Conferences O'Reilly Network
   


Arrow Home
Arrow Registration
Arrow Speakers
Arrow Keynotes
Arrow Tutorials
Arrow Sessions
Arrow At-a-Glance
Arrow BOFs
Arrow Events
Arrow Community
 Software
Arrow Exhibitors
Arrow Sponsors
Arrow Hotel/Travel
Arrow Venue Map
Arrow See & Do
Arrow Press
Arrow Mail List


O'Reilly Open Source Convention
Hornbill.

Session

PHP Under Attack
Chris Shiflett, OmniTI Computer Consulting, Inc.

Track: PHP
Date: Thursday, July 10
Time: 2:30pm - 3:15pm
Location: Salon D

PHP is quickly becoming the world's most popular programming language for creating web applications. As more and more applications are being built for the Web, application security is becoming a crucial topic. One of the best methods you can use to educate yourself about web application security is to study the various types of attacks that you must defend against.

Shiflett's session introduces two common types of attacks that current Web developers face, Cross-Site Scripting (XSS) and Cross-Site Request Forgeries (CSRF). Because XSS involves exploiting the trust granted to a particular Web site and CSRF involves exploiting the trust granted to a particular user, these attacks represent a wide range of application-based attacks.

By using examples that illustrate exactly how these types of attacks are achieved, you are shown simple and effective techniques that you can use to help prevent similar vulnerabilities in your own PHP applications.



O'Reilly Home | Privacy Policy

© 2003, O'Reilly Media, Inc.