WebApp Sec mailing list archives
AppSec FAQ at OWASP
From: "Sangita Pakala" <sangita.pakala () paladion net>
Date: Wed, 28 Jan 2004 19:52:56 +0530
Hi,

The OWASP site has published a new Appsec FAQ that answers common questions on web application security. The lively discussions in this mailing list were the inspiration for the FAQ.

You can read the FAQ at:
http://www.owasp.org/documentation/appsecfaq

The current version has sections on SQL Injection, XSS, Login Issues, Browser Cache etc. It includes questions like:

Is it really required to redirect the user to a new page after login?
Why can't I trust the information coming from the browser?
How can the browser cache be used in attacks?
Are Java servlets vulnerable to SQL injection?
How can my "Forgot Password" feature be exploited?

As with all other OWASP initiatives, we'd like your participation to improve this FAQ. Please send your suggestions to owasp () owasp org with subject "OWASP AppSec FAQ".

Thanks to the OWASP team and especially Mark Curphey, David Raphael and Ben Poweski for helping us bring the FAQ online.

Regards,
Sangita

Sangita Pakala
Paladion Networks
http://www.paladion.net

P.S. - Just resending it in plain text, Mark.
Current thread:
- AppSec FAQ at OWASP Sangita Pakala (Jan 28)
- <Possible follow-ups>
- RE: AppSec FAQ at OWASP Sangita Pakala (Jan 29)
- RE: AppSec FAQ at OWASP Ulf Härnhammar (Jan 29)
- Re: AppSec FAQ at OWASP オマル イスマイル (Jan 29)
- Re: AppSec FAQ at OWASP Laurian Gridinoc (Jan 30)