Wapp

Check-in [8cec7dcae8]

Overview
Comment:Update the security page to talk about the fact that parameter names must not contain special characters.
SHA3-256: 8cec7dcae84d53cd0ee24bd8acb7742aa77288ef324d18c957b7964e706ad316
User & Date: drh 2018-03-29 15:32:05
Context
2018-03-30 11:19  Fix typo in the security.md page. check-in: f32ee075ea user: drh tags: trunk
2018-03-29 15:32  Update the security page to talk about the fact that parameter names must not contain special characters. check-in: 8cec7dcae8 user: drh tags: trunk
2018-03-28 20:25  Update the built-in SQLite to the first 3.23.0 beta. check-in: 127706d944 user: drh tags: trunk
Changes

Changes to docs/security.md.

    29     29         disable this protection on a case-by-case basis.
    30     30   
    31     31     3.  Cookies, query parameters, and POST parameters are automatically
    32     32         decoded before they reach application code. There is no risk
    33     33         that the application program will forget a decoding step or
    34     34         accidently miscode a decoding operation.
    35     35   
    36         -  4.  Reply text generated using the "wapp-subst" and "wapp-trim" commands
           36  +  4.  Cookies, query parameters, and POST parameters are silently discarded
           37  +      unless their names begin with a lower-case letter and contain only
           38  +      alphanumerics, underscores, and minus-signs.  Hence, there is not risk
           39  +      that unusual parameter names can cause quoting problems or other
           40  +      vulnerabilities.
           41  +
           42  +  5.  Reply text generated using the "wapp-subst" and "wapp-trim" commands
    37     43         automatically escapes generated text so that it is safe for inclusion
    38     44         within HTML, within a javascript or JSON string literal, as a URL,
    39     45         or as the value of a query parameter. As long as the application
    40     46         programmer is careful to always use "wapp-subst" and/or "wapp-trim"
    41     47         to generate replies, there is little risk of injection attacks.
    42     48   
    43         -  5.  If the application is launched on a command-line with the --lint
           49  +  6.  If the application is launched on a command-line with the --lint
    44     50         option, then instead of running the application, Wapp scans the
    45     51         application code looking for constructs that are unsafe.  Unsafe
    46     52         constructs include things such as using "wapp-subst" with an argument
    47     53         that is not contained within {...}.
    48     54   
    49     55   Part of what makes Wapp easy to use is that it helps free application
    50     56   developers from the worry of accidently introducing security vulnerabilities
    51     57   via programming errors.  Of course, no framework is fool-proof.  Developers
    52     58   still must be aware of security.  Wapp does not prevent every error, but
    53     59   it does help make writing a secure application easier and less stressful.
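Review bot: typo in the new item 4 at new line 38, "Hence, there is not risk" should read "Hence, there is no risk". While here, the wording is also stronger than the "little risk" used for wapp-subst/wapp-trim in item 5; given the closing paragraph's own caveat that no framework is fool-proof, "little risk" would be consistent. It would also help to spell out what "silently discarded" means for the application, i.e. that a cookie or parameter with a malformed name is simply absent from the application's view rather than rejected with an error, since a developer debugging a missing parameter will look here first. Unrelated to this hunk's change but in its context lines (old lines 34 and 50), "accidently" should be "accidentally".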