owasp
CSRF, XSS and SQL Injection attack prevention in JSF
I have a web application built on JSF with MySQL as DB. I have already implemented the code to prevent CSRF in my application.
2023-04-12 07:53 Category: Q&A
Do I need to call MessageDigest.reset() before using it?
The question is simple: when should I call the reset() function on the Java class MessageDigest? The question mainly comes from the OWASP reference, where in a code sample, they do:
2023-04-08 19:56 Category: Q&A
Apache Shiro & Java Security for Novices
I know next-to-nothing about Java's security model, including XML configuration, policy-setting, any security framework components, tools (such as keystore, etc.) and everything in between.
2023-04-08 04:34 Category: Q&A
Java Security Testing
Is there such a thing as automated security testing in Java? If so, how is it implemented? Is it just JUnit tests written to try and exploit known server vulnerabilities, or are there security-centric
2023-04-06 05:52 Category: Q&A
playframework owasp top 10
I'm thinking about using Play for a large-scale project, so, has anyone battle-tested Play framework for OWASP Top 10? Are there any security problems you know of in Play framework? On the
2023-03-13 11:15 Category: Q&A
GWT SafeHTML, XSS & Best Practices
The good people of OWASP emphasize that you MUST use the escape syntax for the part of the HTML document you're putting untrusted data into (body, attribute, JavaScript, CSS, or URL). See OWASP - XSS
2023-03-09 01:34 Category: Q&A
Is having both mod_security and htmlpurifier an overkill?
We had htmlpurifier integrated into our LAMP-based product earlier, but it was a bit slow. Recently, we have turned on mod_security. Both of these are part of the OWASP project (owasp use
2023-03-05 20:33 Category: Q&A
OWASP CsrfGuard token missing while submitting multipart formdata
I have implemented OWASP CsrfGuard 3 filter on an existing Struts 1.1 application, it's working fine for every request, except the forms which have a file upload field and enctype="multipart/form-data"
2023-02-21 11:50 Category: Q&A
problem in using ESAPI library for XSS prevention
I am trying to prevent XSS attacks in my website. For this I am using the OWASP ESAPI library. I added the jar for this library to the classpath and I am getting the following error.
2023-02-03 12:55 Category: Q&A
Insecure Direct Object References and Search Engines
According to OWASP Top 10 List, one way to prevent insecure direct object references is to provide only indirect references. These are artificial references that are mapped to the direct
2023-01-29 19:27 Category: Q&A