Aug 24
Cookie replay attack protection
So let’s jump straight in: what is a replay attack? Essentially, it is a security breach whereby someone poses as someone else using a unique piece of data that the user supplied to, or was issued by, the web server. It’s kind of similar to a man-in-the-middle attack. We’re going to be looking at the attack specifically in the context of cookie authorisation, a very common means of implementing a “remember me” function.
Aug 2
Defensive programming
Earlier in the week, whilst implementing a domain registration API into another client project (and pulling my hair out), I thought back to a seminar from university. The module was Component Based Design and it was all about writing code in a standard way, helping both the supplier (API creator) and the client (the person using the API). Although I didn’t realise it until now, it actually played a large role…

