Beware the HTTP path parameter

Tweet Please forgive the title, but today’s topic is something to be wary of if you write (or use) any access control / authorization type code in web-based j2ee apps: HTTP URL path parameters. Many people are unfamiliar with them (as they are uncommon), but they are something you should be aware of. A nice […]

Preventing Log Forging in Java

Tweet This article will provide a quick overview of log forging and discuss a couple simple solutions to prevent it. First, what is log forging? Logging is one of the most common things that an application does. Logging is a very generic term that can mean lots of different things, from debug style logging for […]