Simon Willison’s Weblog

Subscribe

Security and coding style

20th December 2002

A couple of good web development security resources:

  • The Peon’s Guide To Secure System Development—why most software is insecure, why this is a bad thing and some sugestions for strategies to improve the situation.
  • The Cross Site Scripting FAQ—Cross site scripting (where malicious users insert HTML / javascript in to your site in some way that allows them to steal cookies or cause other problems) is an issue that all web developers should understand. It is easy to defend against once you understand the problem.

I also found myself reading the Linux Kernel Coding Style document for some reason, and learnt some useful lessons about writing effective C (should I ever need to delve in to that language).

Posted 20th December 2002 at 8:27 pm · Follow me on Mastodon, Bluesky, Twitter or subscribe to my newsletter

More recent articles

This is Security and coding style by Simon Willison, posted on 20th December 2002.

Next: Debugging HTTP headers

Previous: Blockquote citations

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe

Previously hosted at http://simon.incutio.com/archive/2002/12/20/securityAndCodingStyle