■ Identify any cases where client-side JavaScript is used to perform input
validation prior to form submission.
■ Submit data to the server that the validation would ordinarily have
blocked, either by modifying the submission request to inject invalid
data or by modifying the form validation code to neutralize it.
■ As with length restrictions, determine whether the client-side controls
are replicated on the server, and if not, whether this can be exploited for
any malicious purpose.
■ Note that if multiple input fields are subjected to client-side validation
prior to form submission, you need to test each field individually with
invalid data, while leaving valid values in all of the other fields. If you
submit invalid data in multiple fields simultaneously, it is possible that
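A regression check for the steps above, as an added example that is not from the original text: it submits one invalid field at a time to a server-side handler and lists the client-side rules the server does not enforce. The field names, rules, sample values and the `serverAccepts` handler are constructed assumptions.

```javascript
// Constructed example: field names, rules and sample values are assumptions.
// Rules the browser-side script enforces before the form is submitted.
const clientRules = {
  username: v => /^[a-z0-9_]{3,16}$/.test(v),
  quantity: v => /^[1-9][0-9]?$/.test(v),
  email:    v => /^[^@\s]+@[^@\s]+\.[^@\s]+$/.test(v),
};

// Hypothetical server-side handler under test. It omits the quantity check,
// standing in for a control that exists only in the browser.
function serverAccepts(form) {
  if (!/^[a-z0-9_]{3,16}$/.test(form.username)) return false;
  if (!/^[^@\s]+@[^@\s]+\.[^@\s]+$/.test(form.email)) return false;
  return true;
}

const validForm = { username: "alice_01", quantity: "2", email: "alice@example.test" };
const invalidValues = { username: "a!", quantity: "-5", email: "not-an-email" };

// For each field: place invalid data in that field only, keep every other
// field valid, and record whether the server still accepts the submission.
function findClientOnlyControls(rules, baseline, badValues, accept) {
  if (!accept(baseline)) throw new Error("baseline form must be accepted");
  const gaps = [];
  for (const field of Object.keys(rules)) {
    const bad = badValues[field];
    // Guard against a sample value that the client rule would not block.
    if (rules[field](bad)) throw new Error(`sample for ${field} passes the client rule`);
    if (accept({ ...baseline, [field]: bad })) gaps.push(field);
  }
  return gaps;
}

// Every invalid value in one submission: the single rejection that comes
// back does not show which of the controls the server enforces.
function allAtOnce(baseline, badValues, accept) {
  return accept({ ...baseline, ...badValues });
}

console.log("client-only controls:",
  findClientOnlyControls(clientRules, validForm, invalidValues, serverAccepts));
console.log("combined submission accepted:",
  allAtOnce(validForm, invalidValues, serverAccepts));
```

Each field reported by `findClientOnlyControls` needs its rule added to the server-side handler; the check can then be kept as a regression test.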