vault backup: 2022-08-18 13:49:21

2025-12-25 05:44:06 -06:00 · 2022-08-18 13:49:21 +12:00 · 2022-08-18 13:49:21 +12:00 · 91882aaded
commit 91882aaded
parent b91c88de6e
2 changed files with 9 additions and 2 deletions
--- a/content/notes/8-application-security-1.md
+++ b/content/notes/8-application-security-1.md
@ -4,6 +4,9 @@ aliases:
 tags: 
 - comp210
 - lecture
+sr-due: 2022-08-21
+sr-interval: 3
+sr-ease: 250
 ---

 application development security
@ -149,4 +152,7 @@ Ideally the compiler or runtime should be able to detect these and throw an erro

 ## command injection

-## cross site scripting
+## cross site scripting
+second order attack - inject redirect as data will be displayed on other users webpages
+- session id is as good as username and passoword
+
--- a/content/notes/comp-210.md
+++ b/content/notes/comp-210.md
@ -31,4 +31,5 @@ No final exam
 - [04-authentication-authorisation-passwords](notes/04-authentication-authorisation-passwords.md)
 - [05-cryptography](notes/05-cryptography.md)
 - [06-hashing-binary-public-key-cryptography](notes/06-hashing-binary-public-key-cryptography.md)
- [07-cryptography-applications](notes/07-cryptography-applications.md)
+- [07-cryptography-applications](notes/07-cryptography-applications.md)
+- [8-application-security-1](notes/8-application-security-1.md)