A longitudinal exploratory study on code smells in server side web applications

Author(s): Narjes Bessghaier, Ali Ouni, Mohamed Wiem Mkaouer

2018, Vol 7 (4.15), pp. 130
Author(s): Emil Semastin, Sami Azam, Bharanidharan Shanmugam, Krishnan Kannoorpatti, Mirjam Jonokman, ...

Today's business world has incorporated Web Services and Web Applications into the core of its operating cycle, and security plays a major role in aligning such services and applications with business needs worldwide. OWASP (Open Web Application Security Project) states that the effectiveness of security mechanisms in a Web Application can be estimated by evaluating its degree of vulnerability against any of the top ten vulnerabilities nominated by OWASP. This paper sheds light on a number of existing tools that can be used to test for the CSRF vulnerability. The main objective of the research is to identify the available solutions to prevent CSRF attacks. By analyzing the techniques employed in each of the solutions, the optimal tool can be identified. Tests against the exploitation of the vulnerabilities were conducted after implementing the solutions in the web application to check the efficacy of each solution. The research also proposes a combined solution that integrates passing an unpredictable token through a hidden field and validating it on the server side with passing the token through the URL.


2014, Vol 496-500, pp. 2057-2060
Author(s): Shuang Zhu Zhao, Ting Zhang, Xiao Na Liu

This article aims at designing and implementing a mood release system based on Android, so that users can release their moods whenever and wherever possible. The key technologies of the system are the way the client terminal submits parameters to Web applications and the mode used to realize communication between the client and the server. In our developed system, the client terminal receives messages from the server using thread technology and gets access to the page source that the server side specifies. Investigation shows that our system has a promising application prospect.


2010, Vol 8 (1), pp. 54-68
Author(s): Neil Simpkins

The growth of E-business has made experience in server-side technology an increasingly important area for educators. Server-side skills are in increasing demand and recognised to be of relatively greater value than comparable client-side aspects (Ehie, 2002). In response to this, many educational organisations have developed E-business courses, but their approaches cannot generally be applied in the distance learning context. Providing server-side infrastructure is important to allow students to gain an appreciation of concepts as well as experiencing aspects like network operation, time delays and failure and ‘just-in-time’ collaboration, which are basic characteristics of distributed applications. Here, the development of a scalable architecture and successful provision of access to a set of server applications for a very large number of students is described. A key objective is to establish a framework that can be applied in education and commerce to support very large-scale deployment of web applications and services for applications with varying properties.


Undeniably the most favored web scripting language is PHP. Almost 80% of the internet's server-side web applications are written in PHP, including giants like WordPress, Wikipedia, and Facebook. At present, the quantity of digital content is growing at an accelerating pace. This content is consumed by a heterogeneous set of user devices, and administering it manually is infeasible and engenders an increasing set of problems. A solution to this problem would be to switch to a web programming language that can be compiled. We describe an easy-to-deploy, continuous conversion mechanism for converting existing Web 2.0 PHP application systems into Hack server-side application systems supported by Facebook's HHVM. We use the power of the Hack language to amplify the performance of existing PHP server-side applications. Instead of interpreting all of your code, Hack translates it to assembly and runs that instead, which can lead to an immense increase in performance. We use Hacktificator, a tool developed by Facebook Developers, and our demo web application running on HHVM to test and convert a user's existing PHP codebase to the Hack language. With the proposed methodology we do not have to make any change to the existing codebase manually or hire new engineers for the conversion, nor do we have to take down our live systems. Conversion can be done on the fly and will result in approximately 2x to 20x better performance. The availability of this tool can save the cost of manual conversion, save time, and improve the user experience of websites through better performance.


Author(s): Tushar Srivastava, Ashutosh Pandey, Rizwan Khan

The Node.js community has prompted the creation of numerous applications, for example, server-side web applications and desktop applications. Unlike client-side JavaScript code, Node.js applications can interact freely with the operating system without the benefits of a security sandbox. The complex interplay between Node.js modules leads to subtle injection vulnerabilities being introduced across module boundaries. This paper presents a large-scale study across 235,850 Node.js modules to investigate such vulnerabilities. We show that injection vulnerabilities are prevalent in practice, both due to eval, which was previously studied for browser code, and due to the powerful exec API introduced in Node.js. Our study shows that a great many modules may be vulnerable to command injection attacks and that even for popular projects it takes a long time to fix the problem.

