Friday, June 10th, 2011

Code injection, error throwing

Category: Chrome, Testing

<>p>In a blog, Opera Software Developer Relations team member Tiffany B. Brown looks at code injection, error throwing and handling and mobile debugging. She notes Opera Dragonfly and its remote debug features provide a way to debug mobile sites from their desktop. Brown mentions WebKit’s recently added remote debugging capabilities, folded into Google Chrome developer tools. Pointed to as well are Bugaboo, an iOS app for Safari-based debugging; JS Console which is available on the Web or as an iOS app; and Weinre for WebKit-based browsers. In this entry, Brown looks more closely at Dragonfly remote debug and JSConsole.

 

 

Related Content:

  • Malicious code injection: It's not just for SQL anymore
    Injection attacks are ubiquitous, and SQL injection is only one version of the exploit. S.P.I. Dynamics' Bryan Sullivan describes these attacks and...
  • SQL injection
    Learn about SQL Server injection in this excerpt from "The Database Hacker's Handbook: Defending Database Servers" by David Litchfield, Chris Anley,...
  • SQL injection: Developers fight back
    SQL injection attacks are a popular threat against application security. Anurag Agarwal provides 10 steps developers can use to secure their Web...
  • SQL injection attacks targeting Flash, JavaScript errors
    Coding errors leave thousands of websites vulnerable, but attackers are starting to target Flash and JavaScript errors for exploitation, experts...
  • Common injection attacks
    Hackers can cripple a system's security with injection attacks. Learn how to avoid these malicious attacks by understanding the different kinds of...

Posted by jvaughan at 10:01 pm
5 Comments

++++-
4 rating from 53 votes

5 Comments »

Comments feed TrackBack URI

I don’t know about mobile browsers, but among desktop browsers, I think nothing can even reach the minimal capabilities of Firefox joined with Firebug accompanied with some other add-ons like web developer toolbar, measure it, ColorZilla, etc.
Let’s support CSS3. Read CSS3 Multi-Column Layout Module.
Also CSS3 Writing Module can be helpful for users with languages other than English.

Comment by saeedneamati — June 12, 2011

@saeedneamati: Maybe you mean that nothing matches the memory hogging capabilities of Firefox and Firebug combined, because Google Chrome more or less has feature parity to Firebug with the added benefit of not being dog-slow.

Comment by reinis — June 15, 2011

@reinis, I would definitely say Google Chrome has a lot less debugging features than Firebug, because there are too many Plugins for the Firebug Plugin, that means u get a All-In-One Debugger (JS Debugger, HTML, CSS, Flash Console, Cookies/Sessions, Shared Objects Console, SEO Console, XPATH, XML, AS, JAVA, and many more, and this all in just One Plugin (even if it is extended with plugins by plugins)). I think u dont know about these capabilities. But i agree fully with u, that Firefox + Firebug has a lot of Memory Problems & Co. and that sucks a lot, its really a pity. Otherwise I would recommend Firebug to other Users. But maybe they handle this problems in the future, I hope..

Comment by darki777 — June 17, 2011

Hi, great article, just to clear up one misconception, assertions are a very specific tool, if you read the wikipedia article about them there is a line that says : “Assertions should be used to document logically impossible situations and discover programming errors”, that means they are specifically not for checking whether arguments for a method exist or type checking.
The former is called defensive programming and makes it very hard to unit test and is also generally considered bad practice.
An example of when you might use assertions would be to check that the value of a radius property in degrees is between 0 and 360.

Comment by simon000666 — June 20, 2011

If you’re checking for SQL injection in a complex Web 2.0 application, Firebug won’t cut it (since there aren’t always obvious form fields you’ll want to change — some data being posted is instead saved in memory and not in the DOM). You need an extension or proxy server that intercepts the web request before it hits the server and allows you to monkey with the values. Trying to do this in Firebug via the javascript console is doable, but way too cumbersome. I use the Tamper Data extension for Firefox, but there are other tools available as well.

Now a word from my daughter: . xcd m, ,b mn m,

Comment by drlongghost — September 17, 2011

Leave a comment

You must be logged in to post a comment.