Outer Web | Explore

Explore >> Select a destination

You are here		neilmadden.blog Towards a standard for bearer token URLs - Neil Madden
\|	\|	www.redotheweb.com Your API-Centric Web App Is Probably Not Safe Against XSS and CSRF	3.4 parsecs away Travel
\|	\|	As we're reinventing web applications with SPAs and frontend frameworks, we need to reinvent web application security, too.	3.4 parsecs away Travel
\|	\|	brockallen.com Host authentication and Web API with OWIN and active vs. passive authentication middleware \| brockallen	4.5 parsecs away Travel
\|	\|	A quick note about Web API 2 security running in OWIN and a ASP.NET project (which you will see with the new templates in Visual Studio 2013). By default, Web API code running in a host will inherit the host's authentication model. This means if the web application uses cookie authentication or windows authentication for...	4.5 parsecs away Travel
\|	\|	www.sjoerdlangkemper.nl Should each form have a different CSRF token?	2.5 parsecs away Travel
\|	\|	A common protection against CSRF attacks is to have a secret token in each POST request. Typically, this token is the same throughout the session, but in some circumstances it is more secure to rotate CSRF tokens often, or make them specific to the form they are on.	2.5 parsecs away Travel
\|	\|	anebquebec.com Subscribe to our newsletter - Aneb	22.8 parsecs away Travel
\|			22.8 parsecs away Travel