Efficient compression for server-side G-buffer streaming in web applications

Today’s contemporary business world has incorporated Web Services and Web Applications in its core of operating cycle nowadays and security plays a major role in the amalgamation of such services and applications with the business needs worldwide. OWASP (Open Web Application Security Project) states that the effectiveness of security mechanisms in a Web Application can be estimated by evaluating the degree of vulnerability against any of the nominated top ten vulnerabilities, nominated by the OWASP. This paper sheds light on a number of existing tools that can be used to test for the CSRF vulnerability. The main objective of the research is to identify the available solutions to prevent CSRF attacks. By analyzing the techniques employed in each of the solutions, the optimal tool can be identified. Tests against the exploitation of the vulnerabilities were conducted after implementing the solutions into the web application to check the efficacy of each of the solutions. The research also proposes a combined solution that integrates the passing of an unpredictable token through a hidden field and validating it on the server side with the passing of token through URL.

Download Full-text

An Application Development Based on Android Platform － The Design and Realization of the Mood Release System

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.496-500.2057 ◽

2014 ◽

Vol 496-500 ◽

pp. 2057-2060

Author(s):

Shuang Zhu Zhao ◽

Ting Zhang ◽

Xiao Na Liu

Keyword(s):

Web Applications ◽

Application Development ◽

Release System ◽

Server Side ◽

Key Technologies ◽

Android Platform ◽

Promising Application ◽

The Way

This article aims at designing and implementing a mood release system based on Android, with the result that, whenever and wherever possible, the users can release their moods. The key technologies of the system are the way the client terminator submitting parameters for Web applications and the mode to realize the communication between the client and the server. In our developed system, the client terminator receives the message from the server terminator, using thread technology and get access to the page source that server-side specifies, and investigation shows our system has a promising application prospect.

Download Full-text

Developing Server-Side Infrastructure for Large-Scale E-Learning of Web Technology

International Journal of Distance Education Technologies ◽

10.4018/jdet.2010010104 ◽

2010 ◽

Vol 8 (1) ◽

pp. 54-68

Author(s):

Neil Simpkins

Keyword(s):

Large Scale ◽

Web Applications ◽

Operation Time ◽

Distributed Applications ◽

Learning Context ◽

Business Courses ◽

Server Side ◽

Network Operation ◽

Basic Characteristics ◽

Increasing Demand

The growth of E-business has made experience in server-side technology an increasingly important area for educators. Server-side skills are in increasing demand and recognised to be of relatively greater value than comparable client-side aspects (Ehie, 2002). In response to this, many educational organisations have developed E-business courses, but their approaches cannot generally be applied in the distance learning context. Providing server-side infrastructure is important to allow students to gain an appreciation of concepts as well as experiencing aspects like network operation, time delays and failure and ‘just-in-time’ collaboration, which are basic characteristics of distributed applications. Here, the development of a scalable architecture and successful provision of access to a set of server applications for a very large number of students is described. A key objective is to establish a framework that can be applied in education and commerce to support very large-scale deployment of web applications and services for applications with varying properties.

Download Full-text

Making the Web 2.0 Faster for Next Generation

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.a1237.109119 ◽

2019 ◽

Vol 9 (1) ◽

pp. 2922-2924

Keyword(s):

Web 2.0 ◽

Programming Language ◽

User Experience ◽

Web Application ◽

Web Applications ◽

Digital Content ◽

Server Side ◽

Application Systems ◽

Scripting Language ◽

The Web

Undeniably the most favored web scripting language is PHP. Almost 80% of the internet’s server-side web applications are written in PHP which includes big giants like WordPress, Wikipedia, and Facebook. In present-day, at an accelerating pace, the quantity of digital content is burgeoning. A heterogeneous set of users' devices is being amassed by these contents and administering these contents manually is an infeasible solution engendering an increasing set of problems. A solution to this problem would be to switch to a web programming language, which can be compiled. We are describing an easy to deploy and a continuous conversion mechanism for converting existing Web 2.0 PHP application systems into Facebook’s HHVM supported Hack server-side application systems. We are trying to use the power of Hack language and amplify the performance of existing PHP server-side applications. Instead of interpreting all of your code Hack translates it to assembly and runs that instead, which can lead to an immense amount of increase in performance. We are using Hacktificator, a tool developed by Facebook Developers and our demo web application running on HHVM to test and convert user’s existing PHP codebase to Hack language. With this proposed methodology we do not have to make any change to existing codebase manually or hire new engineers for the conversion, nor do we have to take down our live systems. Conversion can be done on the fly and will result in approximately 2x to 20x better performance. The availability of this tool can save costs for manual conversion, save time as well as improve the user experience of websites with better performance

Download Full-text

A Study of Node.js Using Injection Vulnerabilities

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v8i5.666 ◽

2018 ◽

Vol 8 (5) ◽

pp. 64

Author(s):

Tushar Srivastava ◽

Ashutosh Pandey ◽

Rizwan Khan

Keyword(s):

Web Applications ◽

Program Code ◽

Server Side ◽

Work Area ◽

The Mind ◽

Client Side

The Node.js community has prompt the making of numerous applications, for example, server-side web applications and work area applications. Not at all like client side JavaScript code, Node.js applications can collaborate uninhibitedly with the working framework without the advantages of a security sandbox. The mind boggling exchange between Node.js modules prompts unobtrusive infusion vulnerabilities being presented crosswise over module limits. This paper displays a substantial scale consider crosswise over 235,850 Node.js modules to investigate such vulnerabilities. We demonstrate that infusion vulnerabilities are predominant practically speaking, both due to eval, which was already examined for program code, and because of the effective executive API presented in Node.js. Our investigation demonstrates that a great many modules might be helpless against charge infusion assaults and that notwithstanding for prominent undertakings it requires long investment to settle the issue.

Download Full-text

Dynamic Wireless Application Development II

Mobile Commerce Application Development ◽

10.4018/978-1-59140-806-2.ch008 ◽

2005 ◽

pp. 193-227

Author(s):

Lei-da Chen ◽

Gordon W. Skelton

Keyword(s):

Programming Languages ◽

User Interfaces ◽

Web Application ◽

Web Applications ◽

Ease Of Use ◽

Application Development ◽

Development Environment ◽

Wireless Applications ◽

Server Side ◽

Wireless Application

In the previous chapter, we created an m-business application using ColdFusion. Besides ColdFusion, many other development tools can be used to develop m-business applications. Visual Studio .NET, an integrated development environment by Microsoft, has become an increasingly popular corporate applicationdevelopment tool due to its ease of use and support for a wide range of programming languages. Besides traditional Windows and Web applications, Visual Studio .NET also allows developers to build mobile and wireless applications with relative ease. The focus of this chapter is to discuss the tools and techniques for developing wireless applications using Visual Studio .NET. Wireless applications are developed using the ASP .NET Mobile Web Application template. The template provides developers with WYSIWYG tools for creating user interfaces for various mobile devices. These tools work seamlessly with ASP.NET, which uses a form-based approach to build server-side applications for processing user requests and interacting with databases. In this chapter, we will develop a business-to-consumter wireless application using Visual Studio .NET.

Download Full-text

Understanding and detecting server-side request races in web applications

10.1145/3468264.3468594 ◽

2021 ◽

Author(s):

Zhengyi Qiu ◽

Shudi Shao ◽

Qi Zhao ◽

Guoliang Jin

Keyword(s):

Web Applications ◽

Server Side

Download Full-text

DETECTING SERVER-SIDE ENDPOINTS IN WEB APPLICATIONS BASED ON STATIC ANALYSIS OF CLIENT-SIDE JavaScript CODE

PRIKLADNAYa DISKRETNAYa MATEMATIKA ◽

10.17223/20710410/53/3 ◽

2021 ◽

pp. 32-54

Author(s):

D. A. Sigalov ◽

◽

A. A. Khashaev ◽

D. Yu. Gamayunov ◽

◽

...

Keyword(s):

Static Analysis ◽

Web Application ◽

Web Applications ◽

Security Analysis ◽

Endpoint Detection ◽

Security Testing ◽

Application Security ◽

Server Side ◽

Dynamic Web ◽

Client Side

The problem of server-side endpoint detection in the context of blackbox security analysis of dynamic web applications is considered. We propose a method to increase coverage of server-side endpoint detection using static analysis of client-side JavaScript code to find functions which generate HTTP requests to the server-side of the application and reconstruct parameters for those functions. In the context of application security testing, static analysis allows to find such functions even in dead or unreachable JavaScript code, which cannot be achieved by dynamic crawling or dynamic code analysis. Evaluation of the proposed method and its implementation has been done using synthetic web application with endpoints vulnerable to SQL injections, and the same application was used to compare the proposed method with existing solutions. Evaluation results show that adding JavaScript static analysis to traditional dynamic crawling of web applications may significantly improve server-side endpoint coverage in blackbox application security analysis.

Download Full-text

A survey on server-side approaches to securing web applications

ACM Computing Surveys ◽

10.1145/2541315 ◽

2014 ◽

Vol 46 (4) ◽

pp. 1-29 ◽

Cited By ~ 27

Author(s):

Xiaowei Li ◽

Yuan Xue

Keyword(s):

Web Applications ◽

Server Side

Download Full-text

Efficient compression for server-side G-buffer streaming in web applications

Optimized watershed delineation library for server-side and client-side web applications

Preventive Measures for Cross Site Request Forgery Attacks on Web-based Applications

An Application Development Based on Android Platform － The Design and Realization of the Mood Release System

Developing Server-Side Infrastructure for Large-Scale E-Learning of Web Technology

Making the Web 2.0 Faster for Next Generation

A Study of Node.js Using Injection Vulnerabilities

Dynamic Wireless Application Development II

Understanding and detecting server-side request races in web applications

DETECTING SERVER-SIDE ENDPOINTS IN WEB APPLICATIONS BASED ON STATIC ANALYSIS OF CLIENT-SIDE JavaScript CODE

A survey on server-side approaches to securing web applications

Export Citation Format