X-Git-Url: https://git.martlubbers.net/?a=blobdiff_plain;f=report%2Fv5_input.tex;h=5e8142962602e89cc5498ffcd5b2dd5fa199ccdd;hb=8393e7fae8720a46bc2832b8236b766f285a784d;hp=e29538d2db017fd3204e3c6a189d8a97387f6909;hpb=06d7ae862f750a89968a0c7c2104b133e801d3a5;p=ssproject1617.git diff --git a/report/v5_input.tex b/report/v5_input.tex index e29538d..5e81429 100644 --- a/report/v5_input.tex +++ b/report/v5_input.tex @@ -45,8 +45,8 @@ \srcref{classes/users.php}{145}. \end{result} - \item\pass{} Verify that the application is not susceptible to LDAP - Injection, or that security controls prevent LDAP Injection. + \item\pass{} Verify that the application is not susceptible to \LDAP{} + Injection, or that security controls prevent \LDAP{} Injection. \begin{result} \LDAP{} is not used, thus the application is not susceptible. @@ -72,7 +72,7 @@ recovery\\ (\srcref{classes/user.php}{115}) filepaths are calculated on the hash of the password. All non standard filepaths, such as admin or - theme files, are generated using functions. CMS urls are parsed using a + theme files, are generated using functions. \CMS{} urls are parsed using a standard system wide \code{parse} function. \end{result} @@ -89,10 +89,10 @@ web client code is either properly contextually encoded manually, or utilize templates that automatically encode contextually to ensure the application is not susceptible to reflected, stored and DOM Cross-Site - Scripting (XSS) attacks. + Scripting (\XSS{}) attacks. \begin{result} - A lot of \HTML{} tags are allowed in the post screen, therefore an XSS + A lot of \HTML{} tags are allowed in the post screen, therefore an \XSS{} attack is trivial. Even the comment section uses no input validation whatsoever. \end{result} 
@@ -104,15 +104,15 @@ malicious automatic binding. \begin{result} - There is some automatic variable binding happening in the POST and GET + There is some automatic variable binding happening in the \POST{} and \GET{} however, defaults are always given and there is no possibility of accidentally binding extra variables. Also the variables are in an array. \end{result} - \item\pass{} Verify that the application has defenses against HTTP + \item\pass{} Verify that the application has defenses against \HTTP{} parameter pollution attacks, particularly if the application framework - makes no distinction about the source of request parameters (GET, POST, + makes no distinction about the source of request parameters (\GET{}, \POST{}, cookies, headers, environment, etc.) \begin{result} @@ -132,14 +132,14 @@ \end{result} \item\fail{} Verify that all input data is validated, not only \HTML{} form - fields but all sources of input such as REST calls, query parameters, - HTTP headers, cookies, batch files, RSS feeds, etc; using positive + fields but all sources of input such as \REST{} calls, query parameters, + \HTTP{} headers, cookies, batch files, \RSS{} feeds, etc; using positive validation (whitelisting), then lesser forms of validation such as greylisting (eliminating known bad strings), or rejecting bad inputs (blacklisting). \begin{result} - REST calls are validated using whitelisting, query parameters are not, + \REST{} calls are validated using whitelisting, query parameters are not, headers are not, cookies not, batch files are non-existent and RSS feed output is not filtered. \end{result}
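Review bot: in the @@ -72,7 +72,7 @@ hunk, the new "\CMS{} urls" mixes an acronym macro with a lowercase "urls" in the same phrase; use "URLs" (or the report's acronym macro for it, if one is defined) so the sentence is consistent with the macro style this patch introduces. Also, \CMS{}, \XSS{}, \POST{}, \GET{}, \HTTP{}, \REST{} and \RSS{} are used across these hunks but none of their definitions appears in the diff, so confirm they are all declared in the preamble alongside \LDAP{} and \HTML{} before merging, otherwise the build breaks on an undefined control sequence.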
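Review bot: in the @@ -104,15 +104,15 @@ hunk, the rewritten line "There is some automatic variable binding happening in the \POST{} and \GET{} however, defaults are always given" is a run-on once the nouns become macros; it is no longer clear what \POST{} and \GET{} refer to. Suggest "in the \POST{} and \GET{} arrays; however, defaults are always given" so the superglobals are named and the clause boundary is explicit.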
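Review bot: in the @@ -132,14 +132,14 @@ hunk, the result block still contains a bare "RSS" in "batch files are non-existent and RSS feed output is not filtered" while the item text two lines above was changed to \RSS{}; change it to "\RSS{} feed output is not filtered" so the hunk does not leave one plain occurrence behind.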