Bulletproof Websites

At CFUN a few weeks back, I gave a presentation (with a bad name - Security) that talked about Bulletproof Websites. This is just a fancy way of describing a web site that cannot, and will not, break if input parameters (url variables, form fields, cookies) are messed with. How many web sites out there break if you change a simple ?id=5 in the URL to ?id=ray? Way too many.

By the way, I know my sites aren't perfect either. But it seems like people are not even coming close to considering error trapping in their application design. If this is a topic that interests people, I'll blog more on it later. Right now I have to eat or I'll waste away into nothingness. (Well, I'm probably a few dingdongs away from that. ;)

Archived Comments

Comment 1 by Mike Klepper posted on 7/9/2003 at 7:54 AM

Hi Raymond:

Will you be posting PowerPoint shows or other notes from that presentation?

Thanks,
Mike

Comment 2 by ^_^ posted on 7/9/2003 at 10:48 AM

Mike, see the CFUN03 topics page, you can download presentations and sample code there:

http://www.cfconf.org/cfun-...

Comment 3 by Raymond Camden posted on 7/9/2003 at 12:58 PM

The power point there is currently a tiny bit old. Today I will post the most current versions, and will send them off to the cfun web site as well.

Comment 4 by Scott Fitchet posted on 7/16/2003 at 6:44 AM

excellent topic. bulletproof (& elegant) exception handling wasn't feasible in cf5 so i ignored it a lot. what have you done with mx (from http request open to close).

sjf

Raymond Camden

Bulletproof Websites

Support this Content!

Webmentions

Archived Comments