Improving Web Application Security: Threats and Countermeasures

In This Chapter

• Preventing cross-site scripting (XSS) attacks

• Partitioning sites into public and restricted areas

• Preventing session hijacking and cookie replay attacks

• Developing secure Forms authentication

• Preventing rich exception details from reaching the client

• Validating input in Web pages and controls