Author: mcherm
Developers of web applications have quite a few different kinds of
"attacks" to worry about. I will try to describe the major categories I
know of, including one which is "new" as of the past month or so.
SQL Injection
The most venerable is the SQL-injection attack (and related attacks …
Read more
Posted Thu 09 October 2008
by mcherm
in Uncategorized
In a previous
post I
wrote about how nearly all web applications built on Java servlets
suffer from potential threading issues. Web browsers can make multiple
simultaneous requests, which will result in multiple threads
concurrently modifying the (not threadsafe) HTTPSession. Most people
just ignore the problems (which strike rarely), some …
Read more
Posted Tue 07 October 2008
by mcherm
in Programming
Web servers are inherently threaded applications: their primary purpose
is to serve up a website or web application to a large number of users.
Essentially all of the frameworks for creating web applications, such as
Java's "servlet" specification and all of the structure built on top of
it, provide built-in …
Read more
Posted Tue 23 September 2008
by mcherm
in Programming
This post is mostly for my own use; it updates a previous
posting
with the details of exactly how I am sending out the email version of
these blog postings.
I am sending email copies of the technical postings to this blog to an
email list of people at my …
Read more
Posted Mon 15 September 2008
by mcherm
in Uncategorized
Google has
released a new browser,
"Google Chrome". It features quite
a few innovations: some user interface innovations include tabs above
the menus and URL bar, a single field combining the URL and search
fields, search and status bars that disappear when not in use and a home
page showing …
Read more
Posted Mon 15 September 2008
by mcherm
in Programming