Web Security Threats Quiz

Web Security Threats and Mitigations

• Diceware uses a word list of 7,776 English words and involves rolling a dice 5 times to select a passphrase
• Bill Burr, author of NIST 2003 password guidelines, regrets recommending passwords with uppercase, lowercase, numbers, special characters, and a minimum of 8 characters
• Session hijacking involves impersonating a website user by compromising their session ID or cookies
• Cross-site scripting (XSS) vulnerabilities allow attackers to inject client-side scripts into web pages, bypassing access controls
• Contextual output encoding/escaping is the primary defense mechanism to stop XSS, with various escaping schemes for different contexts
• Web applications can mitigate XSS by tying session cookies to the user's IP address and using HttpOnly flag to prevent client-side script access
• Browser and plugin vulnerabilities pose risks and need to be patched by vendors, making it challenging for web application developers to address
• Clickjacking involves tricking users into clicking on invisible iframes positioned above clickable buttons on websites
• Injection attacks, such as SQL and JavaScript hijacking, occur when applications do not properly validate user input
• JavaScript hijacking allows unauthorized access to confidential data by bypassing the Same Origin Policy using JSON with Padding (JSONP)
• Search worms automate finding vulnerable web servers by sending crafted queries to search engines, evading random scanning and detection methods
• JSON with Padding is a way to bypass the same-origin policy by using JSON in combination with the script tag to execute functions and retrieve information from a server

Web Services, REST, and Proxy Servers Overview

• Load balancing involves distributing requests to the least loaded servers, while proximity routing sends requests to the nearest server when geographically distributed.
• Load balancing hardware prevents requests from reaching failed servers, and various technologies like DNS redirection and proxy servers aid in this process.
• NginX is preferred over Apache due to its lower memory usage and better ability to handle high traffic, while Lighttpd follows NginX in performance.
• Additional RAM or direct modules can enhance Apache's performance, and using NginX as a reverse proxy can improve overall server performance.
• Proxy servers act as intermediaries for client requests and can be used for various purposes like caching, security, and anonymizing.
• Proxy servers on the client-side, known as forward proxy servers, can control access to restricted sites and enhance performance through caching.
• HTTP headers, such as Last-Modified and ETags, are utilized for validation and control how browser caches and proxies handle objects.
• Web Services provide APIs for accessing a website's information across the Internet, with SOAP and REST being common implementation categories.
• XML security and encryption are crucial for financial transactions and are commonly used in SOAP-based web services.
• REST services, based on Representational State Transfer, use HTTP methods for server-to-client communication and often require OAuth user authentication.
• Cloud services, including application hosting, backup and storage, content delivery, and DNS protection, are offered through APIs and commercial payment models.
• REST is a software architecture style for distributed hypermedia systems, initially proposed by Roy Fielding and commonly used in modern web services.

Understanding Cookies and Cookie-Based Marketing

• Cookies can be set with an "expires=" parameter to specify the date for the cookie to be dropped.
• Overwriting cookies occurs when a new cookie with the same name, domain, and path as an existing cookie is encountered, causing the old cookie to be discarded.
• There is no specific mechanism for deleting cookies, but a common hack involves overwriting a cookie with a bogus value and backdating or setting a short-lived expiration.
• "Protected" cookies can be marked with a special "secure" keyword, causing them to be sent over HTTPS only as a security feature.
• Client-side cookies can be set and sent via JavaScript using the document.cookie property.
• The document.cookie property maintains a list of cookies that can be read and written, providing an array of all cookies for a particular domain.
• A cookie can be removed from the database either because it expires or the cookie file becomes too large, with browsers typically not storing more than 300 cookies, 20 cookies per web server, or more than 4K per cookie.
• The escape() and unescape() functions are used to encode and decode cookie values, converting special characters to their hex equivalents and vice versa.
• Cookie-based marketing involves advertisers using cookies to target specific ads to users and track their activity through third-party cookies.
• Ad networks connect advertisers to websites that want to host advertisements, involving advertisers, website owners, the ad network, and visitors.
• Doubleclick, now owned by Google, is an ad network that matches advertisements to users based on their profiles.
• Google Analytics, a free web analytics tool, uses its own set of cookies to track visitor interactions, storing information such as time of the current visit, previous visits, and referred sites.

Properties and Characteristics of AJAX

• AJAX allows browsers to send and receive data from servers asynchronously, without interfering with the display and behavior of the existing page.
• The XMLHttpRequest object is typically used in AJAX to request data from a server.
• AJAX can work with various data formats including JSON, HTML, and plain text, not just XML.
• AJAX heavily relies on JavaScript for dynamic display and interaction with fetched server data and can update the DOM in response to user interactions without page reloads.
• AJAX can be used in conjunction with other web technologies like PHP, ASP.NET, and APIs to fetch data.
• Modern browsers support AJAX, but the implementation details may vary.
• AJAX must be implemented with security considerations in mind to protect data integrity and prevent unauthorized access.
• AJAX, which stands for Asynchronous JavaScript and XML, is a combination of technologies including CSS, XHTML, DOM, XMLHTTPRequest, XML/JSON, and JavaScript.
• AJAX applications are not just websites, they allow for smooth interaction, immediate data effectiveness, visual effects, and dynamic icons.
• Traditional websites rely on server-side construction and interaction, while AJAX interfaces are manipulated by client-side JavaScript and are always responsive.
• AJAX can be recognized through iframes, jQuery AJAX functions, fetch(), and JavaScript code that invokes XMLHttpRequest.
• The Fetch API is an alternative to XMLHttpRequest, providing CORS and easy usage for REST calls, and is now included in all browsers.

React and React Native Overview

• React uses 1-way data binding and a virtual DOM for efficient updates, JSX for easy HTML and JS mixing, and provides excellent community support and dev tools
• Components are the building blocks of React applications, allowing the UI to be split into reusable pieces
• Functional/Stateless components do not maintain their own state, while Class/Stateful components can maintain a state and have an independent existence
• State in React is a JavaScript object containing component data, accessed via this.state and updated using setState() method
• Props make components reusable by allowing them to receive data from the parent component
• React-Bootstrap is used to add responsive capabilities to React and replaces the Bootstrap JavaScript
• React Native is a framework for building native, cross-platform mobile apps using JavaScript and React, with 5 levels of calls and bindings to native UI components
• React.js is the core of React Native, which allows for an easy learning curve and embodies all React’s principles and syntax
• React Native implements a strict subset of CSS and is used by startups for quicker development and cheaper resources
• React is a JavaScript library focused on the view layer, while Angular is a full-fledged MVC framework developed by Google
• Angular uses TypeScript and supports two-way data binding, RxJS, and a built-in dependency injection mechanism
• React offers more flexibility and a simpler learning curve, while Angular provides more out-of-the-box solutions and is more opinionated in its approach. Both have large communities and are ideal for building SPAs.

Website Optimization and ReactJS Overview

• GIFs can have their Expires date set appropriately to remove the cookie sooner
• Browser requests produce response status codes 200 (server sending back the image) and 304 (browser has the image in its cache)
• Akamai is the largest content distribution network (CDN) provider
• Initial 14 rules to optimize a website include making fewer HTTP requests, using a CDN, adding an Expires header, and compressing components using Gzip
• Putting stylesheets at the top can block rendering in IE, while moving scripts to the bottom can avoid delays in page rendering
• Making JavaScript and CSS external allows for caching, while reducing DNS lookups is recommended to improve performance
• Minifying JS is the second best way to optimize, and avoiding redirects and duplicate scripts are also important
• Etags are used to verify cached resources, and making AJAX cacheable and small is recommended
• Yahoo's best practices include flushing the buffer early, using GET for AJAX requests, and reducing the number of DOM elements
• ReactJS was developed by Facebook as a lightweight JavaScript library for building user interfaces in single-page applications
• ReactJS is not a fully-functional web app framework, but it is used by popular companies like Netflix, Facebook, and Instagram
• React tackles challenges by providing a view layer library and addressing issues with existing heavy-weight frameworks, 2-way data binding complexity, and performance-intensive updates to the real DOM