Home page logo
/

basics logo Security Basics mailing list archives

#include file tag in HTML: possible issues?
From: "Giuseppe DELL'ERBA" <giuseppe.dellerba () st com>
Date: Fri, 13 Jan 2006 16:20:19 +0100

Hi all,

I have to evaluate from security point of view an application that is going to add in its template pages the #include 
file tag. 
This will allow a section of code to be inserted in the page, and the code that is inserted may be stored in an 
external file.  

Do you think this feature can introduce possible security threats? And, eventually, the remediation needed?

Thanks
Peppe


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault