1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
Security Considerations
=======================
Wapp strives for security by default. Applications can disable security
features on an as-needed basis, but the default setting for security
features is always "on".
Security features in Wapp include the following:
1. The default
[Content Security Policy](https://en.wikipedia.org/wiki/Content_Security_Policy)
of "CSP"
for all Wapp applications is _default\_src 'self'_. In that mode,
resources must all be loaded from the same origin, the use of
eval() and similar commands in javascript is prohibited, and
no in-line javascript or CSS is allowed. These limitations help
keep applications safe from
[XSS attacks](https://en.wikipedia.org/wiki/Cross-site_scripting)
attacks, even in the face of application coding errors. If these
restrictions are too severe for an application, the CSP can be
|
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
Security Considerations
=======================
Wapp strives for security by default. Applications can disable security
features on an as-needed basis, but the default setting for security
features is always "on".
Security features in Wapp include the following:
1. The default
[Content Security Policy](https://en.wikipedia.org/wiki/Content_Security_Policy)
of "CSP"
for all Wapp applications is _default-src 'self'_. In that mode,
resources must all be loaded from the same origin, the use of
eval() and similar commands in javascript is prohibited, and
no in-line javascript or CSS is allowed. These limitations help
keep applications safe from
[XSS attacks](https://en.wikipedia.org/wiki/Cross-site_scripting)
attacks, even in the face of application coding errors. If these
restrictions are too severe for an application, the CSP can be
|
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
4. Reply text generated using the "wapp-subst" and "wapp-trim" commands
automatically escapes generated text so that it is safe for inclusion
within HTML, within a javascript or JSON string literal, as a URL,
or as the value of a query parameter. As long as the application
programmer is careful to always use "wapp-subst" and/or "wapp-trim"
to generate replies, there is little risk of injection attacks.
5. If the application is launched on a command-line with the --trim
option, then instead of running the application, Wapp scans the
application code looking for constructs that are unsafe. Unsafe
constructs include things such as using "wapp-subst" with an argument
that is not contained within {...}.
Part of what makes Wapp easy to use is that it helps free application
developers from the worry of accidently introducing security vulnerabilities
via programming errors. Of course, no framework is fool-proof. Developers
still must be aware of security. Wapp does not prevent every error, but
it does help make writing a secure application easier and less stressful.
|
|
|
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
4. Reply text generated using the "wapp-subst" and "wapp-trim" commands
automatically escapes generated text so that it is safe for inclusion
within HTML, within a javascript or JSON string literal, as a URL,
or as the value of a query parameter. As long as the application
programmer is careful to always use "wapp-subst" and/or "wapp-trim"
to generate replies, there is little risk of injection attacks.
5. If the application is launched on a command-line with the --lint
option, then instead of running the application, Wapp scans the
application code looking for constructs that are unsafe. Unsafe
constructs include things such as using "wapp-subst" with an argument
that is not contained within {...}.
Part of what makes Wapp easy to use is that it helps free application
developers from the worry of accidently introducing security vulnerabilities
via programming errors. Of course, no framework is fool-proof. Developers
still must be aware of security. Wapp does not prevent every error, but
it does help make writing a secure application easier and less stressful.
|