×
思维导图备注
Secure Mobile Development
首页
白天
夜间
小程序
阅读
书签
我的书签
添加书签
移除书签
Webviews
来源:NowSecure
浏览
590
扫码
分享
2019-04-27 17:33:16
Webviews
Webviews
Prevent Framing and Clickjacking
Protect against CSRF with form tokens
当前内容版权归
NowSecure
或其关联方所有,如需对内容或内容相关联开源项目进行关注与资助,请访问
NowSecure
.
上一篇:
下一篇:
Secure Mobile Development
Mobile Security Primer
Coding Practices
Increase Code Complexity and Use Obfuscation
Avoid Simple Logic
Test Third-Party libraries
Implement Anti-tamper Techniques
Securely Store Sensitive Data in RAM
Understand Secure Deletion of Data
Avoid Query String for Sensitive Data
2.8 Use caution in deserializing untrusted data
Handling Sensitive Data
Implement Secure Data Storage
Use SECURE Setting For Cookies
Fully validate SSL/TLS
Protect Against SSL Downgrade Attacks
Limit Use of UUID
Treat Geolocation Data Carefully
Institute Local Session Timeout
Implement Enhanced/Two-Factor Authentication
Protect Application Settings
Hide Account Numbers and Use Tokens
Implement Secure Network Transmission Of Sensitive Data
Validate Input From Client
Avoid Storing App Data in Backups
Caching and Logging
Avoid Caching App Data
Avoid Crash Logs
Limit Caching of Username
Carefully Manage Debug Logs
Be Aware of the Keyboard Cache
Be Aware of Copy and Paste
Webviews
Prevent Framing and Clickjacking
Protect against CSRF with form tokens
iOS
Use the Keychain Carefully
Avoid Cached Application Snapshots
Implement Protections Against Buffer Overflow Attacks
Avoid Caching HTTP(S) Requests/Responses
Implement App Transport Security (ATS)
Implement Touch ID Properly
6.7 Declare Intended Use of Protected Data Classes
Android
Implement File Permissions Carefully
Implement Intents Carefully
Check Activities
Use Broadcasts Carefully
Implement PendingIntents Carefully
Protect Application Services
Avoid Intent Sniffing
Implement Content Providers Carefully
Follow WebView Best Practices
Avoid Storing Cached Camera Images
Avoid GUI Objects Caching
Sign Android APKs
7.13 Request Android permissions carefully
7.14 Set the “usesCleartextTraffic” flag to false
Servers
Implement Proper Web Server Configuration
Properly Configure Server-side SSL
Use Proper Session Management
Protect and Perform Penetration Testing of Web Services
Protect Internal Resources
暂无相关搜索结果!
本文档使用
BookStack
构建
×
分享,让知识传承更久远
×
文章二维码
手机扫一扫,轻松掌上读
×
文档下载
普通下载
下载码下载(免登录无限下载)
你与大神的距离,只差一个APP
请下载您需要的格式的文档,随时随地,享受汲取知识的乐趣!
PDF
文档
EPUB
文档
MOBI
文档
温馨提示
每天每在网站阅读学习一分钟时长可下载一本电子书,每天连续签到可增加阅读时长
下载码方式下载:免费、免登录、无限制。
免费获取下载码
下载码
文档格式
PDF
EPUB
MOBI
码上下载
×
微信小程序阅读
您与他人的薪资差距,只差一个随时随地学习的小程序
×
书签列表
×
阅读记录
阅读进度:
0.00%
(
0/0
)
重置阅读进度