
Questions tagged [secure-coding]

12 votes
2 answers
4k views

OWASP's Secure Coding Practices Checklist mentions Only send non-temporary passwords over an encrypted connection or as encrypted data I can understand why permanent passwords are sent encrypted, ...
asked by Apoorv Bedmutha
0 votes
0 answers
64 views

I am looking for a standard to refer to in order to write a security checklist that could be followed to proactively implement security at design level. I went through the OWASP ASVS, it mentions some ...
asked by anonymous
1 vote
1 answer
104 views

Telegram server is not open source. Telegram clients are open source. Users can choose to use E2EE encrypted chat within themselves. User A knows User B in real life and they know each other's telegram ...
asked by Maxfield
8 votes
4 answers
5k views

We wrote an e-commerce system where we were asked to generate orders based on a format provided to us. The format was extremely simple: today's date with total number of orders in the database +...
asked by KeithViking
0 votes
1 answer
201 views

There exist several sudo alternatives (systemd's run0, OpenBSD and doas, etc.), all created after sudo has been an established tool, allegedly for security reasons. If someone were to implement Unix ...
asked by Oliver Gondža
0 votes
1 answer
114 views

Previously some good fellow explained the importance of verifying the public key created and offered by authenticators. As before, given the complexity of a FULL implementation of RP operation, I ...
asked by DannyNiu
2 votes
0 answers
177 views

Introduction: We heavily use external libraries, such as DataTables, in combination with interpolation. In Angular, we've identified two primary XSS prevention strategies: Interpolation ({{ }}) ...
asked by VJSpeter
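DataTables writes cell markup into the DOM itself, outside Angular's template bindings, so Angular's interpolation escaping never sees that output. As an added example (not the question's code, and not Angular's or DataTables' own code), here is an escaping helper and a column `render` callback in the `(data, type, row)` shape DataTables uses, beside the unsafe pattern of concatenating raw cell data into HTML. The row fields and the `/users/` link are assumptions for illustration.

```javascript
// Added example: escaping untrusted cell data in a DataTables column renderer.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Unsafe: builds markup straight from untrusted data. Equivalent in effect to
// binding unsanitised input with [innerHTML] after bypassSecurityTrustHtml.
function renderUnsafe(data, type, row) {
  return `<a href="/users/${row.id}">${data}</a>`;
}

// Safe: only the 'display' type gets markup (sort and filter receive the raw
// value, which is what DataTables expects), every untrusted string is escaped,
// and the id is coerced to an integer so it cannot break out of the href.
function renderSafe(data, type, row) {
  if (type !== 'display') return data;
  const id = Number.parseInt(row.id, 10);
  if (!Number.isSafeInteger(id)) return escapeHtml(data);
  return `<a href="/users/${id}">${escapeHtml(data)}</a>`;
}

// Constructed sample row, as an attacker could submit it through the API.
const SAMPLE_ROW = { id: 7, name: '<img src=x onerror=alert(1)>' };

// Hook it into a DataTables column definition:
//   columns: [{ data: 'name', render: renderSafe }]
module.exports = { escapeHtml, renderUnsafe, renderSafe, SAMPLE_ROW };
```

The same rule applies to any other library that takes a string and inserts it as HTML: escape at the point of insertion, and treat anything that arrives through `[innerHTML]` or a third-party renderer as markup, not text.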
0 votes
1 answer
1k views

As an application developer, which of these two principles is considered more secure? I'm familiar with these concepts at a foundational level. Secure by default means it's secure out of the box. ...
asked by Charles Owen
-1 votes
1 answer
133 views

I am searching for the best way to merge two parts of software together, so it would be as hard as possible to separate them again through reverse engineering. At the moment both parts are Python, but ...
asked by 127 001
0 votes
1 answer
241 views

Good day, we deployed our app that has payment on it with a wallet system. We tried as much as possible to follow every security rule from server to code design. But yesterday we experienced a bridge ...
asked by Kay
2 votes
0 answers
2k views

As far as I know, JWT tokens are used for implementing 'stateless server'. But as I try to apply Jwt to my website that uses sessions and cookies for authentication, I found that most people store ...
asked by John
1 vote
0 answers
179 views

I recently came across this article: https://blog.sonarsource.com/10-unknown-security-pitfalls-for-python, which describes security pitfalls in the python programming language that are less well known ...
asked by user16910689
8 votes
6 answers
3k views

Looking through descriptions of Spectre and Meltdown it seems that speculative execution - the basis for these attacks - occurs only with branched code. Therefore, it seems logical to conclude that ...
asked by postoronnim
1 vote
1 answer
193 views

Suppose there is an application which contained preview functionality, that means whatever the code (if it is PHP, HTML Python) the user writes, the user can preview the code. For ex: <?php echo &...
asked by Cloud Learner
0 votes
3 answers
484 views

Imagine an API where all CRUD operations are done through the same POST HTTP Request but with different "action" values from request body. { "action":"[create|read|update|...
asked by discordia28
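When every operation travels as a POST with an "action" field, nothing outside the application (reverse proxy rules, WAF policies, CORS preflight behaviour, caches) can tell a read from a delete by HTTP method, so the authorisation decision has to live in the dispatcher itself. The following is an added example, not the question's code; the handler bodies, the role names and the request fields other than "action" are assumptions for illustration.

```javascript
// Added example: allowlisted action dispatch with per-action authorisation.
const ACTIONS = {
  create: { roles: ['editor', 'admin'], handler: (ctx, body) => ({ id: 1, ...body.payload }) },
  read:   { roles: ['viewer', 'editor', 'admin'], handler: (ctx, body) => ({ id: body.id }) },
  update: { roles: ['editor', 'admin'], handler: (ctx, body) => ({ id: body.id, ...body.payload }) },
  delete: { roles: ['admin'], handler: (ctx, body) => ({ deleted: body.id }) },
};

// ctx carries the authenticated principal (or nothing); body is the parsed JSON.
function dispatch(ctx, body) {
  // Only literal own keys of the allowlist are actions: this keeps inherited
  // names such as "constructor" or "__proto__" from resolving to anything.
  if (typeof body.action !== 'string' ||
      !Object.prototype.hasOwnProperty.call(ACTIONS, body.action)) {
    return { status: 400, error: 'unknown action' };
  }
  const spec = ACTIONS[body.action];
  if (!ctx.user) return { status: 401, error: 'unauthenticated' };
  if (!spec.roles.includes(ctx.user.role)) return { status: 403, error: 'forbidden' };
  return { status: 200, result: spec.handler(ctx, body) };
}

module.exports = { ACTIONS, dispatch };
```

Logging and rate limiting need the same treatment: record and throttle on the action value, not just the path, or every operation collapses into one indistinguishable POST in the audit trail.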
