[Esapi-dev] Classic ASP's "HomoXSSuality"

Chris Schmidt chrisisbeef at gmail.com
Mon Sep 13 14:33:26 EDT 2010


  I think the IDL route may be the right way to go here - or at least a 
good place to start. I am looking into it in some greater detail. This 
will probably come with the hudson CI integration with Google Code - or 
some version of it anyhow.

At bare minimum - I know there are build and test plugins for 
Java/PHP/Javascript and I think even .NET

On 9/13/2010 12:27 PM, Patrick Higgins wrote:
> On Sat, Sep 11, 2010 at 12:40 PM, Chris Schmidt<chrisisbeef at gmail.com>  wrote:
>> On a related not - is anyone aware of any tool to build a language agnostic
>> set of tests that can be applied to a codebase? My first thought would be
> I don't know of a tool for this, but I would just write regression
> tests that take in an input file, processes it, and write out an
> output file which is compared to a known correct answer.
>
> Then, we just have to maintain the input file and correct answers once
> for all languages, and write a test harness for reading input files
> and writing output files in each language along with the code to run
> the specific tests on each file. It's not a trivial effort, but it's a
> pretty clean and simple way to attack the problem. The biggest issue I
> know of with that approach is dealing with platform differences in
> end-of-line characters.
>
> --Patrick



More information about the Esapi-dev mailing list