[Hone Your Ninja Skill] Whitelist filter bypass ("URL")

http://honeyourskills.ninja/target/web/data_restriction/?url=whitelist-filter-bypass-url.php

In input validation, whitelisting approach is said to be better than blacklisting one.  Yet non-robust implementation in whitelisting  could also allow attacker to bypass your defense.

Comments

Popular posts from this blog

XSS: Gaining access to HttpOnly Cookie in 2012

The important "expires" attribute of Set-Cookie

HttpOnly Session ID in URL and Page Body | Cross Site Scripting