Client side

Web Application technologies

 

To understand how different attacks on web applications take place, we will go through a quick review of the different web application technologies. The review covers two main categories:

HTTP protocol issues:

The review will include information about HTTP requests, responses, headers and methods, in addition to cookies, status codes and authentication.

Web Application technologies: 

This part will cover general information about:

• Client-side functionalities and technologies:

By client-side functionalities we mean all technologies and functions that appear on the client side, represented by the web browser.

o HTML, CSS, JavaScript, VBScript, the Document Object Model and Ajax, and browser extension technologies such as Java applets, ActiveX and Silverlight

 

• Server-side functionalities and technologies:

This part covers all technologies executed on the server or located at the back end.

o Server-side scripting: PHP, VBScript, Perl and, more recently, JavaScript; web application platforms: ASP.NET; servers: IIS, Apache, Node.js; databases: MySQL, SQL Server, Oracle; file systems

In this part, we will discuss only client-side functionalities.

 

HTTP issues

 


HTTP, the Hypertext Transfer Protocol, is the main protocol used on the web. It was originally developed to retrieve text pages from a web server and was later extended to retrieve other types of media and web page content. It adopts a request-response approach, which means that it is a connectionless protocol.

HTTP relies on TCP at the transport layer, as TCP is a stateful protocol. Like the messages of most protocols, HTTP messages (requests and responses) are composed of two parts: a message headers part containing one or more headers with optional values, and a message body part that optionally contains the payload of the message.

 

HTTP Request:

 

The following example shows an HTTP request message:

[Figure: HTTP Request]

As you can see, the request begins with the HTTP method, which decides whether the request is meant to request a resource from the server (GET) or to send user input to the server to be processed (POST).

As the example uses the GET method, the message body is not necessary. Next is the uniform resource locator (URL), which represents the address of the resource to be fetched. Any extra parameters are passed after the (?) sign; this part is called the query string.

The last part of the first line is the version of the HTTP protocol in use. In our example we are using the most used version, 1.1.
Next comes a set of headers in the format (header name: header value); the headers are separated from the message body by a blank line.
HTTP supports many headers; the following are the most commonly used:

• Referer: the resource from which the Request-URI was obtained
• User-Agent: contains information about the user agent originating the request
• Host: the hostname, necessary especially when virtual hosts exist on the web server (more than one site on the same web server)
• Cookie: an HTTP cookie previously sent by the server with Set-Cookie
• Accept: specifies the media types that are acceptable for the response
• Accept-Language: restricts the set of natural languages that are preferred as a response to the request
• Accept-Encoding: restricts the content codings that are acceptable in the response

 

HTTP Response:

 

[Figure: HTTP Response]

The first line of the HTTP response contains the protocol version and the status code. In our example the version is 1.1 and the status code is (200), which means that the requested resource was retrieved successfully. Many other codes exist; the most common are (404) for not found and (403) for forbidden.

The meaning of a status code depends on its leftmost digit:

(1) Provides information.
(2) The request was successful.
(3) Redirection: the request will be redirected.
(4) An error occurred.

The status code is followed by a description of the status code; in our example it is (OK).

• Date: specifies the date of the response.
• Server: specifies the name of the web server software that answered the request; in our example it is the Apache server.
• X-Powered-By: a nonstandard header that specifies the technology used to create the response.
• Pragma: specifies whether to put the response in the cache or not.
• Expires: specifies when the cached content should expire. As you can see, in that header the value is in the past, which means that the response content will not be cached.
• Content-Type and Content-Length: refer to the HTML content contained in the response body and the length of the body part of the message in bytes.
• Set-Cookie: sets the name and value of the cookie that will be sent to the browser and resent afterwards with each request to this server.
• Connection: tells HTTP whether to keep the TCP connection alive for additional messages or to close it.
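
The request and response structure described above, as an added example that is not part of the original page: a small parser that splits a raw HTTP/1.1 message into its first line, headers and body, and classifies a status code by its leftmost digit. The sample messages, the host www.example.com and the function name `parseHttpMessage` are constructed for illustration.

```javascript
// Added example: parse one HTTP/1.1 message (request or response).
// Sample messages are constructed; www.example.com is a placeholder host.
const STATUS_CLASSES = { 1: "informational", 2: "success", 3: "redirection",
                         4: "error", 5: "server error" }; // 5xx is not in the list above

function parseHttpMessage(raw) {
  // The first blank line (CRLF CRLF) separates the headers from the body.
  const split = raw.indexOf("\r\n\r\n");
  const head = split === -1 ? raw : raw.slice(0, split);
  const body = split === -1 ? "" : raw.slice(split + 4);
  const [startLine, ...headerLines] = head.split("\r\n");
  const headers = {};
  for (const line of headerLines) {
    const colon = line.indexOf(":");
    if (colon <= 0) throw new Error("malformed header line: " + line);
    // Header names are case-insensitive, so store them in lower case.
    headers[line.slice(0, colon).trim().toLowerCase()] = line.slice(colon + 1).trim();
  }
  const parts = startLine.split(" ");
  if (parts[0].startsWith("HTTP/")) {
    // Response line: version, status code, description.
    const status = Number(parts[1]);
    return {
      kind: "response", version: parts[0], status,
      statusClass: STATUS_CLASSES[Math.floor(status / 100)] || "unknown",
      reason: parts.slice(2).join(" "),
      // An Expires date in the past means the response is not to be cached.
      expiresInPast: headers.expires ? Date.parse(headers.expires) < Date.now() : null,
      headers, body,
    };
  }
  // Request line: method, URL (path plus optional query string), version.
  if (parts.length !== 3) throw new Error("malformed request line");
  const [method, target, version] = parts;
  const q = target.indexOf("?");
  const query = {};
  if (q !== -1) {
    for (const [k, v] of new URLSearchParams(target.slice(q + 1))) query[k] = v;
  }
  const path = q === -1 ? target : target.slice(0, q);
  return { kind: "request", method, path, query, version, headers, body };
}

const sampleRequest = "GET /index.php?name=sami HTTP/1.1\r\nHost: www.example.com\r\n" +
  "User-Agent: ExampleBrowser/1.0\r\nCookie: sid=abc123\r\n\r\n";
const sampleResponse = "HTTP/1.1 200 OK\r\nServer: Apache\r\n" +
  "Expires: Thu, 19 Nov 1981 08:52:00 GMT\r\nContent-Length: 5\r\n\r\nhello";
console.log(parseHttpMessage(sampleRequest), parseHttpMessage(sampleResponse));
```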

 

Different HTTP methods:

 

As you saw in the previous example, we use the GET method to retrieve a resource from the server. Other methods are available; the most common are:

• POST: GET and POST are the most used methods. While the GET method sends the name of the requested resource in the header along with other parameters, the POST method sends the information in the body part.
The POST method sends information without disclosing it in the address bar as the GET method does. It also allows a larger amount of information to be sent, noting that most web servers limit the size of the header to less than 20K.

• HEAD: this method is like the GET method, but it does not return any body part in the response.
• TRACE: this method works as an echo method where the response contains exactly the same contents as the request message. It is mainly used for diagnostic purposes.
• OPTIONS: returns a response containing the allowed HTTP methods for a specific resource.
• PUT: uploads a resource to the server. This method can be a main source of attack if activated, so it should be carefully controlled.

 

Cookies:

 

The cookie approach is HTTP's way of overcoming the stateless nature of the protocol. It allows the server to store information on the client machine that receives a response through the Set-Cookie header; this name/value pair is then sent to the server with any request from the client to the same domain.

More control can be applied using different attributes, such as the Expires attribute, which sets the expiration date of the cookie, and the Domain attribute, which sets the domain in which the cookie is valid.
Another attribute is Path, which sets the exact path where the cookie is valid. The Secure attribute restricts the use of the cookie to HTTPS only.

HttpOnly is another attribute; it prevents client-side JavaScript from accessing the cookie information directly and restricts access to HTTP only.
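
A check built on the attributes above, as an added example that is not part of the original page: it parses a Set-Cookie header value and reports when the Secure or HttpOnly attribute is missing. The cookie values, the domain example.com and the function names are constructed for illustration.

```javascript
// Added example: parse a Set-Cookie header value and audit its attributes.
// The sample header values below are constructed.
function parseSetCookie(value) {
  const [pair, ...attrs] = value.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  if (eq <= 0) throw new Error("cookie has no name=value pair");
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), attributes: {} };
  for (const attr of attrs) {
    if (!attr) continue; // tolerate a trailing ';'
    const i = attr.indexOf("=");
    // Attribute names are case-insensitive; Secure and HttpOnly carry no value.
    const key = (i === -1 ? attr : attr.slice(0, i)).toLowerCase();
    cookie.attributes[key] = i === -1 ? true : attr.slice(i + 1);
  }
  return cookie;
}

function auditCookie(value) {
  const { name, attributes: a } = parseSetCookie(value);
  const findings = [];
  if (!a.secure) findings.push("no Secure: cookie is also sent over plain HTTP");
  if (!a.httponly) findings.push("no HttpOnly: readable by client-side JavaScript");
  if (a.expires && Number.isNaN(Date.parse(a.expires))) {
    findings.push("Expires date cannot be parsed");
  }
  return {
    name,
    domain: a.domain || "(host only)", // without Domain, only the issuing host gets it
    path: a.path || "(default)",
    persistent: Boolean(a.expires), // no Expires means a session cookie
    findings,
  };
}

const weakCookie = "sid=abc123; Path=/";
const hardenedCookie = "sid=abc123; Domain=example.com; Path=/app; " +
  "Expires=Wed, 01 Jan 2031 00:00:00 GMT; Secure; HttpOnly";
console.log(auditCookie(weakCookie), auditCookie(hardenedCookie));
```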

 

Securing HTTP:

 

One problem with the HTTP protocol is that it sends its contents in plain text, so anyone eavesdropping on the line can easily disclose or alter the messages sent. It is therefore important to find a way to secure HTTP messages.

The most common approach is to use the HTTPS protocol, which depends mainly on tunneling HTTP messages through the Secure Sockets Layer (SSL) protocol in order to apply encryption and hashing that assure the confidentiality and integrity of messages.

 

HTTP authentication:

The HTTP protocol itself has three main methods of providing authentication services to different users:

• Basic: the original and most compatible authentication scheme. User credentials are sent with each request in an HTTP header as a Base64-encoded string. It is the least secure scheme.
• NTLM: designed by Microsoft, a challenge-response mechanism that uses a version of the Windows NTLM protocol. It originally had problems, but these were recently resolved, and it is considered more secure than the Digest scheme.

• Digest: added in HTTP 1.1. It is more secure than Basic authentication, as it never transfers the actual password across the network but instead uses it to encrypt a "nonce" field value sent from the server.
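
The difference between Basic and Digest described above, as an added example that is not part of the original page: a function that inspects an Authorization header and reports whether the password can be read back from it. The header values, user name, password and function name are constructed for illustration.

```javascript
// Added example: what is visible in the Authorization header of a request
// that travels without HTTPS. All header values below are constructed.
function inspectAuthorization(header) {
  const space = header.indexOf(" ");
  if (space === -1) throw new Error("malformed Authorization header");
  const scheme = header.slice(0, space).toLowerCase();
  const rest = header.slice(space + 1).trim();

  if (scheme === "basic") {
    // Base64 is an encoding, not encryption: decoding needs no key.
    const decoded = Buffer.from(rest, "base64").toString("utf8");
    const colon = decoded.indexOf(":");
    if (colon === -1) throw new Error("Basic credentials lack the ':' separator");
    return { scheme, username: decoded.slice(0, colon),
             password: decoded.slice(colon + 1), passwordExposed: true };
  }
  if (scheme === "digest") {
    // Digest sends key=value pairs. The password is not among them, only a
    // response value computed from it and the nonce sent by the server.
    const params = {};
    const re = /(\w+)=(?:"([^"]*)"|([^,\s]*))/g;
    for (const m of rest.matchAll(re)) params[m[1]] = m[2] !== undefined ? m[2] : m[3];
    return { scheme, username: params.username, nonce: params.nonce,
             response: params.response, passwordExposed: false };
  }
  // NTLM and other schemes carry scheme-specific tokens that are not decoded here.
  return { scheme, passwordExposed: null };
}

const basicHeader = "Basic YWxpY2U6czNjcmV0"; // Base64 of "alice:s3cret"
const digestHeader = 'Digest username="alice", realm="example", ' +
  'nonce="abc123nonce", uri="/index.php", ' +
  'response="0123456789abcdef0123456789abcdef"';
console.log(inspectAuthorization(basicHeader), inspectAuthorization(digestHeader));
```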

 

Client-side functionalities – HTML

 

HTML stands for HyperText Markup Language. It is a tag-based language whose main function is to set the presentation structure of the document, specifying how the document is going to be rendered by the browser.

HTML has been amended frequently and new versions have been developed. The current one is HTML5, which has special capabilities for dealing with multimedia content and improves searchability by adding semantic tags.

Other standards were also developed, such as XHTML, which allows strict control over HTML syntax by treating the document as an XML-based document.

The main feature provided by HTML, in addition to controlling the format of a document, is hyperlinks: the functionality that lets the surfer point and click to move from one document to another or within the same document.

Links are normally specified with the anchor tag <a>:

<a href="http://www.skcomputerco.com/index.php?name=sami">The Home page</a>

The tag above defines a link that specifies the resource named (index.php) and passes the parameter (name) with the value (sami). The information is sent in the HTTP header with the GET method.

In real applications, point-and-click interaction cannot fulfil the required functionality of arbitrary data entry. HTML provides a special tag (form) as a container and different types of the (input) tag to allow different entry types.

[Figure: HTML form markup]

As illustrated in the previous example, the markup code above will show the following form:

[Figure: Form]

On submit, the following request will be sent by the client (web browser):

[Figure: request sent on submit]

• The request is sent using the POST method.
• The data is sent in the body part, not the header.
• The content type is set to one of the known content types (application/x-www-form-urlencoded).
• If the form contains a file, the content type that should be used is (multipart/form-data).

 

Client-side functionalities – CSS

 

CSS is the acronym of Cascading Style Sheets. From the name we can tell that CSS is responsible for styling the HTML file, but why bother if HTML itself contains tags that can control the format of the document?

CSS has three main features that justify its usage:

• It enhances format reusability across all the pages of a website.
• It helps to isolate the content from the presentation, which makes interface customization easier and enables the use of multiple skins.
• The new CSS version (CSS3) supports many powerful features such as animation, rotation, transitions and many others that are not available in pure HTML-based formatting.

 

CSS usage: 


CSS rules can be used in three main scenarios, depending on where they are declared: inside the document, outside the document, or as part of a style attribute value.

The three scenarios are:

• Inline usage: in this type of usage the CSS rule is defined as part of the (style) attribute of the HTML element. Inline usage mainly helps in forcing a special style on a specific element, but it brings no benefit in terms of reusability in the same document or across multiple documents.

<div style="background-color:black;"></div>

• Internal usage: this type of usage depends on declaring the CSS rules in the HTML document head, inside the style element. Rules declared using this approach are usable only in the same document and cannot be used in other documents.

• External usage: this type of usage is considered the most efficient, because it allows CSS rules to be reused in multiple documents. This benefit comes from the fact that the CSS rules are declared in a separate file that has the (css) extension.

 

Client-side functionalities – JavaScript

 

JavaScript is a programming language originally developed by Netscape Navigator for the purpose of providing scripting functionality that can be parsed and executed on the client side (the browser). JavaScript uses a syntax similar to Java and C, and it is based on ECMAScript.

Running on the client side has also made JavaScript an attractive target for malicious attacks that try to compromise the client or steal the user's information. Recently JavaScript has also been used as a server-side scripting language through Node.js and MarkLogic.

On the client side, JavaScript is added to the HTML document using the <script> tag, as an external file or inline, as shown in the code listing below.

[Figure: javascript]

 
