Secure Coding mailing list archives
Re: [Esapi-dev] OWASP CSRFGuard
From: Chris Schmidt <chrisisbeef () gmail com>
Date: Fri, 29 Oct 2010 11:05:34 -0400
My gut feel here is that we gain a lot more by merging the work done here into ESAPI. CSRFGuard is and has been a great project, but as it stands unmaintained right now (although it is a very simple project, with a very low level of maintenance) it seems to me that a lot of traction and momentum could be gained for the code by merging with the ESAPI project which is one of the more active OWASP Projects AFAIK. This is really just my $0.02 and I don¹t want to discount the work that has been done on CSRF-Guard. As I stated it is a great project and I personally have used it in 3 projects succesfully, but I also think that as such a small project it seems to be an easy one to forget about in the grand scheme of things. On 10/29/10 9:09 AM, "Jim Manico" <jim.manico () owasp org> wrote:
Hello, The OWASP CSRF guard project ( http://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project ) has recently been deemed ³inactive² and I¹m trying to help bring it back to life. I¹m taking a survey of folks who have used CSRFGuard. In particular, I would like to understand any potential modifications CSRFGuard users have had to make in order to implement it successfully for their website. I¹d also like to hear of any success stories of using CSRFGuard out of the box. Any feedback regarding this matter is greatly appreciated. Thanks kindly + Aloha, Jim Manico OWASP Podcast Producer OWASP ESAPI Project Manager http://manico.net _______________________________________________ Esapi-dev mailing list Esapi-dev () lists owasp org https://lists.owasp.org/mailman/listinfo/esapi-dev
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- OWASP CSRFGuard Jim Manico (Oct 29)
- Re: [Esapi-dev] OWASP CSRFGuard Chris Schmidt (Oct 29)
- Re: [Esapi-dev] OWASP CSRFGuard Jim Manico (Oct 29)
- Re: [Esapi-dev] OWASP CSRFGuard Chris Schmidt (Oct 29)