Page 94 - GIGW2
P. 94
CH 07 Development
Following are some important validation methods that may be followed:
a. Departments may use automated accessibility tool and browser validation tool.
• Validate syntax (e.g., HTML, XML, etc.).
• Validate stylesheets (e.g, CSS).
b. It is a MUST that Indian Government websites are tested for multiple browsers
and versions of browsers, operating systems, connection speeds, and screen
resolutions to ensure access by all.
c. Use of a self-voicing browser, a screen reader, magnification software, small
display, etc.
d. Use spell and grammar checkers. Eliminating grammatical errors increases
comprehension.
e. Review the document for clarity and simplicity. Readability statistics, such as
those generated by some word processors may be useful indicators of clarity
and simplicity. Better still, ask experienced (human) editors to review written
content for clarity.
7.7
Web Application Security
Web Application security is of paramount concern to owners as well as consumers of
the website. A lot of security threats are handled at data centres and server administrator
level where the application is hosted. Application developers should however be sensitive
about security aspects, as a large number of security threats arise due to vulnerability of
application software code.
These application driven attacks sometimes turn out to be quite fatal. Best Practices
to follow while developing web applications using various technologies are available on
CERT-IN website (http://www.cert-in.org.in) as well as in internet space. Developers
should read, understand and follow these Best Practices during development. NIC as
well as CERT.IN have empaneled a number of agencies to conduct the security audit of
applications.
7.7.1 Each website/application MUST undergo a security audit from empaneled
agencies and clear the same, prior to hosting and after addition of new modules.
7.7.2 Department MUST formulate a security policy to address various security issues
related to the website.
80
