Security Basics mailing list archives
#include file tag in HTML: possible issues?
From: "Giuseppe DELL'ERBA" <giuseppe.dellerba () st com>
Date: Fri, 13 Jan 2006 16:20:19 +0100
Hi all, I have to evaluate from security point of view an application that is going to add in its template pages the #include file tag. This will allow a section of code to be inserted in the page, and the code that is inserted may be stored in an external file. Do you think this feature can introduce possible security threats? And, eventually, the remediation needed? Thanks Peppe --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
Current thread:
- #include file tag in HTML: possible issues? Giuseppe DELL'ERBA (Jan 13)
- Re: #include file tag in HTML: possible issues? Brad Spangler (Jan 16)
- Smartcardlogon with MS 2003 NATIVE dav () forststrasse27 de (Jan 17)
- Re: Smartcardlogon with MS 2003 NATIVE - Information about Smartcards dav () forststrasse27 de (Jan 23)
- Smartcardlogon with MS 2003 NATIVE dav () forststrasse27 de (Jan 17)
- <Possible follow-ups>
- Re: #include file tag in HTML: possible issues? pg_vlad (Jan 13)
- RE: #include file tag in HTML: possible issues? Giuseppe DELL'ERBA (Jan 16)
- RE: #include file tag in HTML: possible issues? Giuseppe DELL'ERBA (Jan 20)
- Re: #include file tag in HTML: possible issues? Andrew Peters (Jan 23)
- Re: #include file tag in HTML: possible issues? Brad Spangler (Jan 16)