URL Level Access Control Cheat Sheet

DRAFT CHEAT SHEET - WORK IN PROGRESS
=Introduction=

This article provides clear, simple, actionable guidance for implementing access control in your applications.

==What is URL Level Access Control?==

=Attacks on URL Level Access Control=

=URL Level Access Control Issues=

=Access Control Anti-Patterns=

==Never Depend on Untrusted Data==

=Attacking Access Controls=

=Testing for Broken URL Level Access Control=

=Defenses Against URL Level Access Control Attacks=

=Best Practices=

==Best Practice: SOMETHING ELSE==

* In Some Code

(code*)here
* In Some other code

(code*)here

==Best Practice: Verifying policy server-side==

=SQL Integrated Access Control=

==Examples==

=Related Articles=