My slides from the IPC Munich Conference on the topic of "Business Logic Security" are now available for download here: Slides

My slides from the "Application Logic Security" talk at ZendCon are now available here. If you've attended talk, I'd love to hear your feedback via Joind.In.

I've been so busy last few weeks I didn't get a chance to blog about the acceptance of my talk for ZendCon. So, here it is now, better late then never. This year has been quite busy in terms of security when it comes to PHP, the language and many changes were done to make the language better when it comes to security. The talk will try to summarize the many happenings in the PHP security world in to a quick one hour talk, so it should be quite an interesting challenge :)

Thanks to the surprisingly well working wifi at the moment the slides from the PHP Security pitfalls are now available can be downloaded here. I hope everyone who had been present at the talk had found something interesting that will help them improve the security of their code.

Every web developer knows how to make a GET redirect, in fact they've probably done it numerous times. However very few people know the same can be done for POST requests, in some instances completely transparently to the user. This by itself make not seem like an issue, but when you combine it with XSS it can be a very powerful to used to scam users. Consider the following scenario. A user goes to a trusted site where XSS had modified the action field of the login POST form, pointing it to http://p0wn3d.com/post.php. When user submits a request it goes to a 3rd party site, which captures the login credentials and then redirects the POST data to the original site. In the end to the user has no clue something sinister had happened because they never see p0wn3d.com. In fact the everything appears to have worked as intended. So how does this work. Ability to redirect POST comes as a courtesy of the little known 307 redirect code. Which in PHP can be forced in the following manner: [php] header("Location:...