Security Analysis of Web Open-Source Projects Based on Java and PHP

During website development, the selection of suitable computer language and reasonable use relevant open-source projects is imperative. Although two languages, PHP Java, have been extensively investigated in this context, there are not many security test reports based on their projects. In article, we conducted separate analyses web-related Java. To end, different frameworks services used to design websites experimental attacks 12 popular filters available GitHub, as well investigate Lightweight Directory Access Protocol (LDAP) Firefox browser environment. Using malicious payloads published by Open Web Application Security Project (OWASP) others, Cross-site Scripting (XSS), Local File Inclusion (LFI), SQL injection, LDAP injection performed targets. The results reveal that although PHP-based more vulnerable than Java-based ones, significant room for improvement. Finally, a whitelist-based filtering scheme proposed. This inline attributes label elements so filter has an excellent detection rate while having pass benign payloads. Effective references suggestions web developers also included aid projects, feasible solutions improve performance