Ask HN: Preventing SQL injection/XSS in web apps 1 points by singer 15y ago ↗ HN Before releasing a new web app, what are the top security-related items you check in order to prevent SQL injection, XSS, etc.?
[–] ntoshev 15y ago ↗ To prevent SQL injection, use bound SQL variables instead of embedding user input in SQL queries. You will also gain performance.To prevent xsrf attacks, check referer header before you take action.
[–] noodle 15y ago ↗ if you're obtaining input from a user, sanitize and validate it. for everything.
2 comments
[ 3.9 ms ] story [ 17.8 ms ] threadTo prevent xsrf attacks, check referer header before you take action.