From 313c9116d67956daf0c3db9d39eb4824f1613a08 Mon Sep 17 00:00:00 2001 From: Marcin Zelent Date: Fri, 25 May 2018 13:15:52 +0200 Subject: Proofread and fixed some mistakes --- synopsis.tex | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/synopsis.tex b/synopsis.tex index 4d9a7cf..36494d2 100644 --- a/synopsis.tex +++ b/synopsis.tex @@ -422,7 +422,7 @@ SqlCommand cmd = new SqlCommand(query); cmd.Parameters.AddWithValue("@param_username, username); \end{minted} -This way, if an attacker will send \texttt{login' OR '1'='1} to the application, +This way, if an attacker sends \texttt{login' OR '1'='1} to the application, it will not cause any harm, because the query would simply try to find a user with name \texttt{login' OR '1'='1}. @@ -430,7 +430,7 @@ with name \texttt{login' OR '1'='1}. \subsubsection{How it works} -Cross-Site Scripting is closely related to injection as it works by injecting a +Cross-Site Scripting is closely related to injection as it works by inserting a malicious code to the application. There are two categories of this attack: stored and reflected. @@ -553,7 +553,7 @@ pick up this topic. The questions I asked in my problem definition were on point as, by trying to answer them, I managed to describe the things I wanted to learn and write about. I think my methods of research were correct since the availability of resources made it easy to find information in many different, -interesting forms. Creation of examples allowed me to not only understand the +interesting forms. Creation of examples allowed me to not only understand the security concepts in theory but also in practice. The plan I came up with was good because it allowed me to focus on my goals instead of single activities on specific days, which would be hard to follow, because of my dynamic schedule. -- cgit v1.2.3