12 INJECTION ATTACKS

In this chapter, I’ll discuss types of injection attacks, many of which apply both to iOS client applications and to their remote endpoints or APIs. While a thorough examination of all potential server-side flaws is outside the scope of this book, this chapter will give you an idea of how an iOS app and its complementary endpoint or web app can work together to prevent security flaws.

Injection attacks are standard for web applications, but client-side injection attacks are less common and go largely unnoticed by developers and security engineers. Client-side injection attacks happen when remotely supplied data is parsed by the program running on the device. The most notable examples of this are cross-site scripting, SQL injection, ...

Get iOS Application Security now with the O’Reilly learning platform.