http://dbpedia.org/ontology/abstract
|
In the computing world, where software fra … In the computing world, where software frameworks make life of developer easier, there are problems associated with it which the developer does not intend. Software frameworks use Object Relational Mapping (ORM) tool or Active Record Pattern for converting data of different types and if the software framework does not have a strong mechanism to protect the fields of a class (the types of data), then it becomes easily exploitable by the attackers. These frameworks allow developers to bind parameters with HTTP and manipulate the data externally. The HTTP request that is generated carries the parameters that is used to create or manipulate objects in the application program. The phrase mass assignment refers to assigning values to multiple attributes in a single go. It is a feature available in frameworks like Ruby on Rails that allows the modifications of multiple object attributes at once using modified URL. For example, @person = Person.new(params[:person]) #params contains multiple fields like name, email, isAdmin and contact This Mass Assignment saves substantial amount of work for developers as they need not set each value individually.they need not set each value individually.
|
http://dbpedia.org/ontology/wikiPageID
|
51609856
|
http://dbpedia.org/ontology/wikiPageLength
|
6239
|
http://dbpedia.org/ontology/wikiPageRevisionID
|
1121409012
|
http://dbpedia.org/ontology/wikiPageWikiLink
|
http://dbpedia.org/resource/Active_record_pattern +
, http://dbpedia.org/resource/Object-relational_mapping +
, http://dbpedia.org/resource/Application_program +
, http://dbpedia.org/resource/Computing +
, http://dbpedia.org/resource/Ruby_on_Rails +
, http://dbpedia.org/resource/SSH_File_Transfer_Protocol +
, http://dbpedia.org/resource/Active_Records +
, http://dbpedia.org/resource/Class_%28computer_programming%29 +
, http://dbpedia.org/resource/Uniform_Resource_Locator +
, http://dbpedia.org/resource/Hypertext_Transfer_Protocol +
, http://dbpedia.org/resource/GitHub +
, http://dbpedia.org/resource/Database_schema +
, http://dbpedia.org/resource/Security_breaches +
, http://dbpedia.org/resource/Private_Access +
, http://dbpedia.org/resource/Mass_assignment_vulnerability +
, http://dbpedia.org/resource/Software_framework +
, http://dbpedia.org/resource/Category:Software_development +
|
http://dbpedia.org/property/wikiPageUsesTemplate
|
http://dbpedia.org/resource/Template:Orphan +
, http://dbpedia.org/resource/Template:Reflist +
, http://dbpedia.org/resource/Template:Technical +
, http://dbpedia.org/resource/Template:Manual +
, http://dbpedia.org/resource/Template:Multiple_issues +
|
http://purl.org/dc/terms/subject
|
http://dbpedia.org/resource/Category:Software_development +
|
http://www.w3.org/ns/prov#wasDerivedFrom
|
http://en.wikipedia.org/wiki/Mass-assignment_protection?oldid=1121409012&ns=0 +
|
http://xmlns.com/foaf/0.1/isPrimaryTopicOf
|
http://en.wikipedia.org/wiki/Mass-assignment_protection +
|
owl:sameAs |
https://global.dbpedia.org/id/2eUPT +
, http://dbpedia.org/resource/Mass-assignment_protection +
, http://www.wikidata.org/entity/Q28455690 +
|
rdfs:comment |
In the computing world, where software fra … In the computing world, where software frameworks make life of developer easier, there are problems associated with it which the developer does not intend. Software frameworks use Object Relational Mapping (ORM) tool or Active Record Pattern for converting data of different types and if the software framework does not have a strong mechanism to protect the fields of a class (the types of data), then it becomes easily exploitable by the attackers. These frameworks allow developers to bind parameters with HTTP and manipulate the data externally. The HTTP request that is generated carries the parameters that is used to create or manipulate objects in the application program.pulate objects in the application program.
|
rdfs:label |
Mass-assignment protection
|