Lecture 15: Web App Vulnerabilities

This lecture reviews key details of web application architecture, then goes on to consider attacks against the connection and attacks against the server side of the application. It briefly considers how open redirects can be abused (e.g., to steal user credentials) and how pages dealing with authentication or payment might be bypassed via URL jumping. It also looks at secure password management for web applications, revisiting some of the issues covered in Lecture 7.

Web applications typically make user interaction stateful by means of sessions. The lecture therefore explores the threats associated with session IDs and highlights what should be done to manage sessions securely. The lecture finishes by considering how the XML payload of an HTTP request can cause security problems.