Recommandé
Contenu connexe
Plus de Atsushi Matsuo
Plus de Atsushi Matsuo (20)
Dernier
Dernier (20)
INTER-Mediatorが備えるセキュリティ機能
- 2. • Web • INTER-Mediator • INTER-Mediator Training Course Agenda
- 3. Web
- 7. • • • •
- 9. XSS • INTER-Mediator HTML <td colspan="3" class="grayback" data- im="messageauth@message">
- 10. innerHTML • innerHTML <td colspan="3" class="grayback" data- im="messageauth@message@innerHTML">
- 11. CSRF • params.php $webServerName • • Web FQDN
- 12. CSRF • params.php $webServerName $webServerName = array('inter- mediator.com', 'inter-mediator.info');
- 14. • params.php $xFrameOptions • • $xFrameOptions = 'SAMEORIGIN';
- 16. INTER-Mediator • INTER-Mediator • LDAP OAuth2
- 17. INTER-Mediator • authuser authgroup authcor • - issuedhash
- 18. IM_Entry( array(array( 'name' => 'chat', 'key' => 'id', 'authentication' => array('all' => array('target' => 'field-user', 'field' => 'user',),), 'protect-writing' => array( 'user' ), ),), array( 'authentication' => array( // 'user' => array('user1'), // 'group' => array('group2'), // ), ), array('db-class' => 'PDO'), false );
- 22. • target field-user field • target field-group field
- 23. • params.php • $contentSecurityPolicy • $generatedPrivateKey • $passwordPolicy
- 24. • INTER-Mediator Training Course • Chapter 7 • Chapter 8
- 25. • SSL/TLS • HTTP • SSL/TLS HTTPS
- 26. SSL • HTTP HTTPS • SSL/TLS SSL • Let's Encrypt
- 28. • INTER-Mediator • ePub • INTER-Mediator-ServerVM
- 30. IM_Entry( array( array( "name" => "salesitems", "view" => "items", "query" => array( array("field" => "year", "operator" => "=", "value" => "2016"), ), "extending-class" => "AdditionalProccess", ),
- 31. PHP <?php class AdditionalProccess implements Extending_Interface_BeforeRead, Extending_Interface_AfterRead { public function doBeforeReadFromDB() { } public function doAfterReadFromDB($result) { /* */ return $result; } }
- 32. • INTER-Mediator Training Course Chapter 8
- 34. • Web • •