How to validate web text field regarding to security testing?
I am testing a web form with text fields. I need to conduct security testing of this form but I have no idea about exact test cases I need to verify.
Can anyone help with that?
briley last edited by Eugene
- XSS scripts, for example:
- Check input field is validated on client side as well as on server side
- Make sure that encryption is always enabled, using Fiddler or other similar tools
- SQL-injection, for example:
xxx') OR 1 = 1 -- ]
- Check strange characters such as “<>/;,!” can not are cut or handled securely
- Check characters limitation