 
MALAYSIAN PUBLIC SECTOR OPEN SOURCE SOFTWARE (OSS) PROGRAM
WEB APPLICATION GUIDELINES
APRIL 2008
 
 MALAYSIAN PUBLIC SECTOR OPEN SOURCE SOFTWARE PROGRAM Web Application Guidelines
COPYRIGHT
The Government of Malaysia retains the copyright of this document.
 
Table of Contents
COPYRIGHT
ABBREVIATIONS AND TERMS
1. INTRODUCTION
  1.1 Purpose Of This Document
  1.2 Usage Of This Document
  1.3 Scope And Applicability
2. ANALYZE THE REQUIREMENTS
  2.1 Categorizing Functionality
  2.2 Determining Usage And Traffic Capacity
  2.3 Planning For Scalability
  2.4 Planning For Server Platform Independence
  2.5 Planning For Browser Compatibility
  2.6 Designing For User's Typical Connection Speed
  2.7 Designing For Commonly Used Screen Resolutions
3. DETERMINE APPLICATION FUNCTIONALITY
  3.1 Analyzing Data Requirements
  3.2 Reducing Or Isolating Real-time Updates
  3.3 Using Dynamic Content Accelerator
  3.4 Determining For High-Availability Requirement
  3.5 Maintaining Session Integrity
  3.6 Considering Multilingual Support
4. ADOPT SUITABLE WEB ARCHITECTURE
  4.1 2-Tier Architecture
  4.2 3-Tier Architecture
  4.3 Model-View-Controller (MVC) Architecture
  4.4 Service-Oriented Architecture (SOA)
5. DESIGN WEB APPLICATION
  5.1 Designing For Scalability
  5.2 Using Modular Design
  5.3 Adopting Suitable Framework For Development
  5.4 Adopting Suitable Database Abstraction Layer
  5.5 Optimizing Connections
  5.6 Making Sense Of Web Security
    5.6.1 Code Injection
    5.6.2 Remote Code-Inclusion
    5.6.3 SQL Injection
    5.6.4 Cross-site Scripting (XSS)
    5.6.5 Cross-site Request Forgery (CSRF)
    5.6.6 Directory Traversal
    5.6.7 HTTP response splitting
    5.6.8 Session Fixation
    5.6.9 Session Hijacking
    5.6.10 Input Form Spamming
    5.6.11 Executable Script And Program Upload
