Ask HN: Preventing SQL injection/XSS in web apps
1 point by singer on Oct 29, 2010 | 2 comments
Before releasing a new web app, what are the top security-related items you check in order to prevent SQL injection, XSS, etc.?
ntoshev on Oct 29, 2010
To prevent SQL injection, use bound SQL variables instead of embedding user input in SQL queries. You will also gain performance.
To prevent XSRF attacks, check the Referer header before you take action.
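
The bound-variable advice in the comment above, as an added example that is not part of the original thread: the same lookup written with string concatenation and with a bound parameter, using Python's `sqlite3`. The table, function names and sample inputs are constructed for illustration.

```python
import sqlite3

# All names below (users table, find_user_* functions) are hypothetical,
# and the rows are constructed sample data.

def make_db():
    """Build an in-memory database with three constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.com"),
         ("bob", "bob@example.com"),
         ("O'Brien", "obrien@example.com")],
    )
    return db

def find_user_concat(db, name):
    """'Before': input is pasted into the SQL text, so the parser treats it as SQL."""
    query = "SELECT name, email FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def find_user_bound(db, name):
    """'After': the SQL text is constant; the input is passed separately as a value."""
    return db.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()

if __name__ == "__main__":
    db = make_db()
    # Constructed input containing SQL syntax instead of a plain name.
    crafted = "x' OR '1'='1"
    print("concat, crafted input:", len(find_user_concat(db, crafted)), "rows")
    print("bound,  crafted input:", len(find_user_bound(db, crafted)), "rows")
    # A legitimate name with an apostrophe: works bound, breaks concatenated.
    print("bound,  O'Brien:", find_user_bound(db, "O'Brien"))
    try:
        find_user_concat(db, "O'Brien")
    except sqlite3.OperationalError as exc:
        print("concat, O'Brien: query failed:", exc)
```

With the bound version the crafted string is compared as a literal name and matches nothing, while the concatenated version returns every row; the apostrophe case shows the same defect surfacing as a plain bug for a legitimate user.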
noodle on Oct 29, 2010
if you're obtaining input from a user, sanitize and validate it. for everything.