Chris Pollett>
Old Classses > |
HW#5 --- last modified November 27 2020 18:07:48.Due date: Dec 7 Files to be submitted: Purpose: Experiment with web security exploits and their mitigations. Related Course Outcomes: The main course outcomes covered by this assignment are: CLO3 -- Write server-side scripts that process HTML forms. CLO4 -- Write client-side scripts that validate HTML forms. Description: For this homework, I want you to implement three of the web site attacks given on the November 23 lecture. Put these in the files attack_1.php, attack_2.php, attack_3.php. For each attack, I then want you to modify the site you create showing the attack, to make another site which prevents the attack. Put these modified sites in the files: fix_1.php, fix_2.php, and fix_3.php. For each of site pair, I want you to have an explanation file which says what attack you were trying to demonstrate, how to see the file to observe the attack, and how your prevention site prevents the attack. Store these explanations in the files: explanation_1.txt, explanation_2.txt, explanation_3.txt. At least one of your attacks should involve a database attack.
|