Tuesday

Scripting Languages


Secure Computer: Scripting Languages

Many scripting languages have been used to develop applications that allow businesses to bring their products or services to the web. This is Great but it also creates a new avenue of attack for hackers.

The majority of web application vulnerabilities come not from bugs int he chosen language but in the methods and procedures used to develop the web application as well as hot the web server was configured.

suppose " if a form requests a zip code and the user enters "ABCDE" ,the application may fail if the developer did not properly validate incoming form data. several languages can be used for creating web applications, including CGI's, PHP and ASP.


  • CGI( Common Gateway Interface) : A standard way for a web server to pass a web user's request to an application program and to receive data back to forward to the user. CGI is part of the web's hypertext transfer protocol(HTTP). The most popular CGI application are : C,C++,JAVA and PERL.

  • PHP : PHP is an open source server side scripting language where the script is embedded within a  web page along with its HTML> before page is sent to a user, the web server calls PHP to interpret and perform any operations called for in the PHP script. whereas HTML displays static content, PHP allows the developer to build pages that present the user with dynamic, customized content based on user input. File name with the suffix "PHP".

  • ASP(Active Server Pages) : Web pages that have an .asp active server pages (ASP), are database drive dynamically created web page with a .ASP extension. They utilize ActiveX scripting usually VB Script or Jscript code. When browser requests an ASP, The web server generates a page with HTML code and immediately sends it back to the browser in this way they allow web users to view real time data, but they are more vulnerable to security problems.


Shop

Wolf - 150 x 150

Dmoz

Comments