How does the application contemplate common security exposures such as cross site scripting and SQL injection?

0
Posted

How does the application contemplate common security exposures such as cross site scripting and SQL injection?

0

Skyway applications are generated as standard J2EE applications which utilize .jsp pages that reflect the design intentions of the Skyway Developer. The Skyway Web Layer is designed to only create variable references that were designed to be available on any given page or in any given context and prevents access or modification of variables that were not scoped to be modified by a particular page. The database access that is generated by Skyway does not allow nested SQL scripts to be injected into form fields, for example, however the platform does allow developers the option of creating their own SQL, in which case the responsibility for protecting that SQL string belongs to the Skyway Developer. Skyway does not eliminate the need to protect your applications from cross site scripting attacks, and safeguards built into the browser/web server layers are respected.

Related Questions