
What are the standards in mobile web application development?


I am working as a developer on a mobile team. Up to now, we have developed many native mobile applications on the Windows Mobile and Android platforms. Our branch has grown over the last 2 years and we do not have many employees to work with. So we found a solution that covers platform-free application development: we will make it possible with a web-based mobile application. WCF HTTP services, logging side, database, SSL certificate etc. are ready for this. My questions:

  1. What are the basics of a mobile web application for security?
  2. Is it possible to take mobile browser support that runs HTML5 on any A-B-C generation mobile phones?
  3. Are jQuery libraries for mobile (jQuery Mobile etc.) secure enough for this?

Solution

  • Have you, or members of your team, taken a look at the OWASP (Open Web Application Security Project) wiki? They're an IT security interest group specializing in web application security, as well as general InfoSec (policy, programming, network authentication).

    They have provided a variety of FOSS resources for fuzzing, and additionally a variety of dense, no-fluff cheat sheets that I've found to be instrumental in my own pursuits. Good luck.

    In particular:

    If you're using an SQL back-end, be sure to sanitize your inputs and use prepared statements (friends don't let friends forget about SQLi).
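
The advice about prepared statements, shown as an added example that is not part of the original answer: the same lookup written with string concatenation and with a bound parameter, plus an input check. It uses Python's built-in `sqlite3` instead of the asker's WCF stack, and the `devices` table, its rows and all function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE devices (owner TEXT, serial TEXT)")
    db.executemany(
        "INSERT INTO devices VALUES (?, ?)",
        [("alice", "SN-1001"), ("bob", "SN-2002"), ("carol", "SN-3003")],
    )
    return db

def lookup_concatenated(db, owner):
    """Weak form: the request value is spliced into the SQL text,
    so quotes inside it change the structure of the query."""
    sql = "SELECT serial FROM devices WHERE owner = '" + owner + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_prepared(db, owner):
    """Hardened form: the SQL text is fixed and the value is bound
    as a parameter, so it is only ever compared as data."""
    sql = "SELECT serial FROM devices WHERE owner = ?"
    return [row[0] for row in db.execute(sql, (owner,))]

def validate_owner(owner, max_len=32):
    """Input check used in addition to binding, not instead of it:
    reject values that do not look like an account name."""
    if not (0 < len(owner) <= max_len) or not owner.isalnum():
        raise ValueError("owner must be 1-32 alphanumeric characters")
    return owner

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed request value
    print("concatenated:", lookup_concatenated(db, crafted))  # every row
    print("prepared:    ", lookup_prepared(db, crafted))      # no rows
    # A legitimate apostrophe is harmless when bound as a parameter,
    # while the concatenated form fails on it with a syntax error.
    print("prepared:    ", lookup_prepared(db, "O'Brien"))
```
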