In the last blog post, we never got to explain our third common vulnerability.
With all the hacks against big companies and sensitive data being compromised, even if you're not a web-security expert, it should be on your mind.
There are 3 major ones that all junior developers should be aware of as they start to build and write code. These are some of the basic definitions from Wikipedia.
Last week we discussed the difference between cookie/session and token authorization. Today we will visit some of the pros and cons of each.
What are authorization and authentication, why are they so important, and what are some ways they can be hacked? Authentication is confirming you are who you claim to be; this is the typical login process, where we match your input username and password against the DB to see if it is correct. Authorization is when we know who you are, but what rights or access do you have to this system? Are you an admin with a full-access pass, or maybe you only have read rights?
As software developers, we are always trying to solve a problem, whether it is a task that we have always been doing manually and want to automate or a feature we want to add. The first thing we need to do is to think, then think again. Why? I know how to do it already.