[Rob Shein]
| The problem with this scheme is that it requires that the browser be
| party to the security. What about a blackhat using netcat? Bye-bye to
| whatever security functionality was built into the browser, and all
| protection contained therein.
I'm talking strictly server-side here. I'm not asking for a different
browser. I'm talking about how the server builds pages that it will
send to the browser. How it will build queries that is passed to a
database and so on.
We cannot change the clients, but we can change the server
architecture. Scrap all existing web programming environments and
create a new one that:
* Avoids cross site scripting by making it impossible for the
programmer to programmatically place markup on the output stream.
Everything written to the output stream will be automatically HTML
encoded. We will of course need some smart template system in
order to merge the displayed data into some pre-defined markup.
And yes, I realise that markup sometimes depends on the data to
display, but smart system designers will propably be able to deal
with that problem.
* Avoids SQL Injection by making it impossible to build SQL queries
using string concatenation and similar that requires the
programmer to remember handling quotes, non-numeric characters and
other constructs.
* Avoids Shell Command Injection by having no constructs that make
it possible to unknowingly pass user input to the shell.
And so on. Build a web development platform on which it is impossible
to make the common mistakes.
Sverre.
--
shhat_private Computer Geek? Try my Nerd Quiz
http://shh.thathost.com/ http://nerdquiz.thathost.com/
This archive was generated by hypermail 2b30 : Mon Oct 14 2002 - 10:20:21 PDT