A Suite of Metrics for Evaluating Client-Side web Applications: An Empirical Validation

2020 ◽  
Author(s):  
Luis Felipe Henao Lopez ◽  
Maricela Gomez Martinez ◽  
Albeiro Espinosa Bedoya
Keyword(s):  
Web Applications ◽  
Empirical Validation ◽  
Client Side

scholarly journals XSS Vulnerability Assessment Procedure and Mitigation for Web Application

2020 ◽  
Vol 8 (6) ◽  
pp. 5279-5281
Keyword(s):  
Vulnerability Assessment ◽  
Web Application ◽  
Web Applications ◽  
Assessment Procedure ◽  
User Comments ◽  
Web Vulnerabilities ◽  
Client Side

CSS is one of the foremost routine vulnerabilities that affect many web applications. XSS attacks are essentially malicious injections (client-side) that are added to an internet page or app through user comments, form submissions, and so on. The most danger behind XSS is that it allows attackers to inject content into the online app. The injected content can modify how it's displayed, forcing the browser to execute the attacker’s code. Web vulnerabilities are developed for scanning whole webpage of internet sites. Vulnerability Assessment is that the process of identifying vulnerabilities in your application’s environment. Vulnerability is defined as a weakness or flaw within the system that permits an attacker or insider to access the system during a way they’re not authorized.

scholarly journals Developing Web-Application’s Automated Testing Technique

2019 ◽  
Vol 17 (3) ◽  
pp. 93-110
Author(s):  
A. V. Tkachev ◽  
D. V. Irtegov
Keyword(s):  
Web Application ◽  
Development Process ◽  
Web Applications ◽  
Assessment System ◽  
Automated Testing ◽  
Automatic Assessment ◽  
Testing Technique ◽  
Code Coverage ◽  
Client Side ◽  
User Actions

The article is devoted to the technique of automated testing of NSUts – automatic assessment system for programming tasks developed at NSU. The main priority for this technique is to test both the old and the new versions of the application, so that the same or minimally modified tests could be executed on two versions of the system with different architectures. This could be useful while organizing the development process for other applications with a long life cycle. To test not only the server but also the client side of the web application, we suggest using tools like Selenium WebDriver to simulate user actions by sending commands to real browsers. We use the well-known Page Object design pattern to handle differences in HTML layout and functionality, and describe a number of ways to make developed tests less fragile and easily adapt those to work with the new version of the system. The article also describes the use of this technique to organize automated testing of the NSUts system and analyzes its effectiveness. The analysis shows that the estimated code coverage by these tests is quite high, and therefore the technique can be considered effective and applied to other similar web applications.

scholarly journals Recent Trends in JSON Filters

2021 ◽  
pp. 87-93
Author(s):  
Atul Jain ◽  
ShashiKant Gupta
Keyword(s):  
Programming Language ◽  
Web Application ◽  
Data Exchange ◽  
Web Applications ◽  
Data Format ◽  
Data Exchange Format ◽  
Exchange Format ◽  
Recent Trends ◽  
Client Side ◽  
Extract Information

JavaScript Object Notation is a text-based data exchange format for structuring data between a server and web application on the client-side. It is basically a data format, so it is not limited to Ajax-style web applications and can be used with API’s to exchange or store information. However, the whole data never to be used by the system or application, It needs some extract of a piece of requirement that may vary person to person and with the changing of time. The searching and filtration from the JSON string are very typical so most of the studies give only basics operation to query the data from the JSON object. The aim of this paper to find out all the methods with different technology to search and filter with JSON data. It explains the extensive results of previous research on the JSONiq Flwor expression and compares it with the json-query module of npm to extract information from JSON. This research has the intention of achieving the data from JSON with some advanced operators with the help of a prototype in json-query package of NodeJS. Thus, the data can be filtered out more efficiently and accurately without the need for any other programming language dependency. The main objective is to filter the JSON data the same as the SQL language query.

scholarly journals WebIBC: Identity Based Cryptography for Client Side Security in Web Applications

2008 ◽  
Author(s):  
Zhi Guan ◽  
Zhen Cao ◽  
Xuan Zhao ◽  
Ruichuan Chen ◽  
Zhong Chen ◽  
...  
Keyword(s):  
Web Applications ◽  
Identity Based ◽  
Identity Based Cryptography ◽  
Client Side

Towards Automated Bypass Testing of Web Applications

2010 ◽  
pp. 212-229 ◽  
Author(s):  
J. Miller ◽  
L. Zhang ◽  
E. Ofuonye ◽  
M. Smith
Keyword(s):  
Test Data ◽  
Web Applications ◽  
Test Cases ◽  
Web Based ◽  
Is Security ◽  
Mission Critical ◽  
Client Side ◽  
Input Validation

The construction and testing of Web-based systems has become more complex and challenging with continual innovations in technology. One major concern particularly for the deployment of mission critical applications is security. In Web-based systems, the principal vulnerabilities revolve around deficient input validation. This chapter describes a partially automated mechanism, the tool InputValidator, which seeks to address this issue through bypassing client-side checking and sending test data directly to the server to test the robustness and security of the back-end software. The tool allows a user to construct, execute and evaluate a number of test cases through a form-filling exercise instead of writing bespoke test code.

A Study of Node.js Using Injection Vulnerabilities

2018 ◽  
Vol 8 (5) ◽  
pp. 64
Author(s):  
Tushar Srivastava ◽  
Ashutosh Pandey ◽  
Rizwan Khan
Keyword(s):  
Web Applications ◽  
Program Code ◽  
Server Side ◽  
Work Area ◽  
The Mind ◽  
Client Side

The Node.js community has prompt the making of numerous applications, for example, server-side web applications and work area applications. Not at all like client side JavaScript code, Node.js applications can collaborate uninhibitedly with the working framework without the advantages of a security sandbox. The mind boggling exchange between Node.js modules prompts unobtrusive infusion vulnerabilities being presented crosswise over module limits. This paper displays a substantial scale consider crosswise over 235,850 Node.js modules to investigate such vulnerabilities. We demonstrate that infusion vulnerabilities are predominant practically speaking, both due to eval, which was already examined for program code, and because of the effective executive API presented in Node.js. Our investigation demonstrates that a great many modules might be helpless against charge infusion assaults and that notwithstanding for prominent undertakings it requires long investment to settle the issue.

Sign in / Sign up

Export Citation Format

Share Document