Chapter 8. Web application firewalls and client-side filters
Information in this chapter:
Different types of filtering devices can be used to protect Web applications from attacks such as Structured Query Language injections and cross-site scripting. For some applications, it is difficult to implement internal controls to protect against Web attacks due to the high cost of retrofitting existing code. Even worse, it may be impossible to make changes to code due to licensing agreements or lack of source code. To add defenses to these kinds of Web applications, external solutions must be considered. Web application firewalls (WAFs) and client-side filters are commonly used to detect (and sometimes block) ...