AES – using a static secret key

A static secret key approach can come in handy when there is a need to persist sensitive information across sessions. It can be used to encrypt cookies, where the client has nothing to do with it and processing happens centrally on the app server, hence eliminating the risk of the key being exposed.

package com.core; [...]

XSS and SQL Injection Filter

It is better to check for suspicious patterns of XSS or SQL injection than to strictly restrict special character usage. This approach helps avoid unnecessary exceptions being thrown. The filter validates every parameter posted to the application, whether by the GET or POST method.

Filter Class file

/** * * @author Reisang */ [...]
