AVOIDING SECURITY HOLE IN YOUR JAVA APP #1

Suppose you own an app where a child window exists. By default, your user may close the child window by clicking the close button. You may, however, disable the button by setting the window as read-only with setReadOnly(true), or by making it invisible with the CSS display:none. Doing the latter means you have just created a security hole with the CSS key, because a malicious user can still access the button and close the window. The best practice is to set the window to read-only, which also prevents closing on the server side.

An example of using a child window in an application, built as a custom component with open and close buttons.

This shows how we can extend the CustomComponent class; the component consists of a Button for opening the window and a Label that shows the attributes of the window.

Now you can see the window is open but the button is disabled. When the window is closed, the button is enabled.
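A sketch of such a component, as an added example rather than the post's original code. It assumes the Vaadin 7 API; the class name `ChildWindowOpener`, the field names and the captions are hypothetical.

```java
import com.vaadin.ui.Button;
import com.vaadin.ui.CustomComponent;
import com.vaadin.ui.Label;
import com.vaadin.ui.UI;
import com.vaadin.ui.VerticalLayout;
import com.vaadin.ui.Window;

// Added example (assumes Vaadin 7); all names here are hypothetical.
public class ChildWindowOpener extends CustomComponent implements Window.CloseListener {
    private final Button openButton = new Button("Open window");
    private final Label status = new Label("Window closed");
    private Window child;

    public ChildWindowOpener() {
        setCompositionRoot(new VerticalLayout(openButton, status));
        openButton.addClickListener(e -> openChild());
    }

    private void openChild() {
        child = new Window("Child window");
        // The only intended way out is the "Done" button, which closes from server code.
        VerticalLayout content = new VerticalLayout(
                new Label("This window must stay open until the task is done."),
                new Button("Done", e -> child.close()));
        content.setMargin(true);
        child.setContent(content);

        // Enforced on the server: unlike hiding the close button with CSS
        // display:none, the user cannot undo this from the browser.
        child.setReadOnly(true);
        child.addCloseListener(this);
        UI.getCurrent().addWindow(child);

        // Prevent opening a second window while this one is open.
        openButton.setEnabled(false);
        status.setValue("Window open, read-only: " + child.isReadOnly());
    }

    @Override
    public void windowClose(Window.CloseEvent e) {
        // Runs when the window is closed; the opener becomes usable again.
        openButton.setEnabled(true);
        status.setValue("Window closed");
    }
}
```

The state that matters (read-only window, disabled open button) is set in server-side code, so it does not depend on what the browser chooses to display.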
