Difference between revisions of "OWASP Mobile Security Project Platform Specific Guidance AndroidCode Draft"

From OWASP
Jump to: navigation, search
(Created page with "== Local Storage == Android code examples for local storage: <tt> try { Context context = getApplicationContext(); FileOutputStream stream; stream = c...")
 
Line 1: Line 1:
== Local Storage ==
+
== Authentication ==
Android code examples for local storage:
+
== Session Management ==
 +
== Access Control ==
 +
== Input Validation ==
 +
== Output Encoding/Escaping ==
 +
== Cryptography ==
 +
== Error Handling and Logging ==
 +
== Data Protection ==
 +
Android code examples for Data Protection:
 
<tt>
 
<tt>
 
     try {
 
     try {
Line 14: Line 21:
 
     }
 
     }
 
</tt>
 
</tt>
 
+
== Communication Security ==
== Section 2 ==
+
== HTTP Security ==
Stuff:
+
== Security Configuration ==
 
+
== Section 3 ==
+
Stuff:
+
 
+
== Section 4 ==
+
Stuff:
+

Revision as of 07:16, 20 October 2011

Contents

Authentication

Session Management

Access Control

Input Validation

Output Encoding/Escaping

Cryptography

Error Handling and Logging

Data Protection

Android code examples for Data Protection:

   try {
       Context context = getApplicationContext();
       FileOutputStream stream;
       stream = context.openFileOutput("local_filename", Context.MODE_PRIVATE);
       OutputStreamWriter bw = new OutputStreamWriter(stream);
       bw.write(sb.toString());
       bw.flush();
       bw.close();
   } catch (IOException ioe) {
       // Handle the exception
   }

Communication Security

HTTP Security

Security Configuration