prashant singhMay 31, 20181 minSecurity HeaderBelow all headers are mitigating Cross-site scripting. Content Security Policy Header:- system.webServer> <httpProtocol> <customHeaders>...
prashant singhMay 31, 20181 minContent security policy headerCurrently, OWASP update the Header issue To protect against Cross-Site Scripting, set the 'default-src' policy, or 'script-src' AND...
prashant singhMay 31, 20181 minSome more attribute to set in session and headersMissing HTTP ONLY attribute in session cookie <session-config> <cookie-config> <http-only>true</http-only> </session-config>...
prashant singhMay 31, 20181 minDifference security termsPhishing Steal the information It is a method of retrieval Phishing attack is use spoofing Steal the information Spoofing Download...
prashant singhMay 31, 20181 minUnion SQL InjectionIn this attacker uses the UNION Statement for the attack which merges the two or more selected statement for retrieving the data from the...