Wednesday, November 26, 2008

Re: Security handling details - customers keep asking!!!

Security is something that is left to the developer to implement. If
you follow conventions you can avoid SQL injection attacks. If you use
the Security component you can prevent CSRF attacks. If you use proper
methods to escape any user input you can prevent XSS attacks.

So CakePHP has features to increase security, however you are still
required to implement them manually. So it is still possible to make a
very insecure CakePHP application!

Cheers,
Adam

On Nov 27, 3:47 am, Tim <t...@gurske.com> wrote:
> I am looking for a webpage or something that details what security
> issues Cake handles. Customers ask how secure their sites are going to
> be and I assure them that since I'm using the CakePHP framework that
> their site is being built on a secure foundation. I need some details
> though. I looked through the site and maybe I missed it but I can't
> find a page detailing the security handling of Cake.
>
> So if anybody knows of a document that I can send to my clients that
> details how "secure" Cake is please send it my way. Thanks!
