Topics relating to application security and attacks against software.
When sending data over HTTPS, I know the content is encrypted, however I hear mixed answers about whether the headers …
security post encryption https get

What's the difference in context of web applications? I see the abbreviation "auth" a lot. Does it stand for auth-entication …
security authorization authentication

Section 4.2 of the draft OAuth 2.0 protocol indicates that an authorization server can return both an access_token (which is used …
security oauth access-token refresh-token

It is currently said that MD5 is partially unsafe. Taking this into consideration, I'd like to know which mechanism to …
php security passwords hash protection

I'm not a security expert by any means, but I favor creating REST-style web services. In creating a new service …
web-services security rest soap

I have got a python script which is creating an ODBC connection. The ODBC connection is generated with a connection …
python security

Let's say I have code like this: $dbh = new PDO("blahblah"); $stmt = $dbh->prepare('SELECT * FROM users where username = :…
php security pdo sql-injection

I'm getting a bunch of errors in the developer console: Refused to evaluate a string Refused to execute inline script …
javascript html security http-headers content-security-policy

I am developing a payment processing app for Android, and I want to prevent a hacker from accessing any resources, …
android security proguard reverse-engineering