20.2 Understanding Developer Security Best Practices
Learn about security best practices for Oracle APEX developers.
- About Items of Type Password
Password items do not emit the text entered to the web browser screen. When creating password items, Oracle recommends using password attributes that do not save session state to prevent the password from being saved in the database in the session state tables.
- Identifying At Risk Password Items
Identify at risk password items by viewing the Security Profiles report and Password Items report.
- Understanding Cross-Site Scripting Protection
Protect your application from a cross site-scripting security breach.
- About Session State and Security
Learn about managing session state and security.
- Preventing URL Tampering
Session State Protection is a built-in functionality that prevents hackers from tampering with the URLs within your application. URL tampering can adversely affect program logic, session state contents, and information privacy.
- About Securing File Uploads
Learn about developer best practices for securing file uploads.
Parent topic: Managing Application Security