Web applications face escalating cyber threats, with Cross-Site Scripting (XSS) and SQL Injection (SQLi) being prominent and damaging vulnerabilities. Traditional security measures often lack consistency and maintainability due to ad-hoc implementation. This project explores the refactoring of a Java web application using the Intercepting Filter design pattern to provide a systematic and centralized approach to mitigate XSS and SQLi vulnerabilities. The Intercepting Filter pattern enables preprocessing and postprocessing of client requests and server responses, centralizing security logic into reusable filter components. This approach enhances maintainability, scalability, and the effectiveness of security measures. By modularizing security-related logic, the pattern allows for easy updates and extensions, adapting to evolving threats and application requirements. The project demonstrates a significant reduction in the vulnerability of the refactored application to XSS and SQLi attacks, showcasing the practical benefits of applying the Intercepting Filter pattern for web application security.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Refactoring a Java Web Application Using the Intercepting Filter Design Pattern to Mitigate XSS and SQLi

  • A. V. Sriharsha,
  • Thota Shobitha Reddy,
  • Varagamreddy Muralidhar Reddy,
  • Mungamuri Ravi Teja Reddy,
  • Yerragadda Upendra Yadav

摘要

Web applications face escalating cyber threats, with Cross-Site Scripting (XSS) and SQL Injection (SQLi) being prominent and damaging vulnerabilities. Traditional security measures often lack consistency and maintainability due to ad-hoc implementation. This project explores the refactoring of a Java web application using the Intercepting Filter design pattern to provide a systematic and centralized approach to mitigate XSS and SQLi vulnerabilities. The Intercepting Filter pattern enables preprocessing and postprocessing of client requests and server responses, centralizing security logic into reusable filter components. This approach enhances maintainability, scalability, and the effectiveness of security measures. By modularizing security-related logic, the pattern allows for easy updates and extensions, adapting to evolving threats and application requirements. The project demonstrates a significant reduction in the vulnerability of the refactored application to XSS and SQLi attacks, showcasing the practical benefits of applying the Intercepting Filter pattern for web application security.