E-book
Author Recx

Title Hands-on oracle application express security : building secure apex applications / Recx
Published Indianapolis, Ind. : Wiley, 2013

Description 1 online resource (xii, 96 pages) : illustrations (chiefly color)
Contents Hands-On Oracle Application Express Security: Building Secure Apex Applications -- Copyright -- About the Authors -- About the Technical Editor -- Acknowledgments -- Contents -- Introduction -- Structure -- Some Basics -- APEX URL Format -- JavaScript Console -- Other Resources -- Chapter 1: Access Control -- The Problem -- The Solution -- Authentication -- Application Authentication -- Page Authentication -- Authorization -- Application Authorization -- Page Authorization -- Button and Process Authorization -- Process Authorization -- On-Demand
File Upload -- Summary -- Chapter 2: Cross-Site Scripting -- The Problem -- The Solution -- Examples -- Understanding Context -- Reports -- Report Column Display type -- Report Column Formatting -- HTML Expressions -- Report Column Formatting -- Column Link -- Report Column -- List of Values -- Direct Output -- Summary -- Chapter 3: SQL Injection -- The Problem -- The Solution -- Validation -- Examples -- Dynamic SQL -- Execute Immediate -- Example -- Dynamic SQL -- Cursors -- Example -- Dynamic SQL -- APEX API -- Example
Function Returning SQL Query -- Example -- Substitution Variables -- Example -- Summary -- Chapter 4: Item Protection -- The Problem -- The Solution -- Validations -- Value Protected -- Page Access Protection -- Session State Protection -- Prepare_Url Considerations -- Ajax Considerations -- Examples -- Authorization Bypass -- Form and Report -- Summary -- Appendix A: Using Apexsec to Locate Security Risks -- Apexsec Online Portal -- Apexsec Desktop -- Appendix B: Updating Item Protection -- Appendix C: Untrusted Data Processing
Expected Value -- Safe Quote -- Colon List to Comma List -- Tag Stripping
Summary An example-driven approach to securing Oracle APEX applications. As a Rapid Application Development framework, Oracle Application Express (APEX) allows websites to easily be created based on data within an Oracle database. Using only a web browser, you can develop and deploy professional applications that are both fast and secure. However, as with any website, there is a security risk and threat, and securing APEX applications requires some specific knowledge of the framework. Written by well-known security specialists Recx, this book shows you the correct ways to implement your APEX applications to ensure that they are not vulnerable to attacks. Real-world examples of a variety of security vulnerabilities demonstrate attacks and show the techniques and best practices for making applications secure.
- Divides coverage into four sections, three of which cover the main classes of threat faced by web applications and the fourth covers an APEX-specific protection mechanism
- Addresses the security issues that can arise, demonstrating secure application design
- Examines the most common class of vulnerability that allows attackers to invoke actions on behalf of other users and access sensitive data
The lead-by-example approach featured in this critical book teaches you basic "hacker" skills in order to show you how to validate and secure your APEX applications.
Notes English
Print version record
SUBJECT Oracle Application express. http://id.loc.gov/authorities/names/n2008071223
Oracle Application express fast
Subject Application software -- Development.
COMPUTERS -- Security -- General.
COMPUTERS -- Internet -- Application Development.
Application software -- Development
Form Electronic book
LC no. 2013933608
ISBN 9781118686133
9781118685785
1118685784
1118686136