[Owasp-appsensor-project] Additional Detection Points - Additional or Missing Parameters

John Melton jtmelton at gmail.com
Wed Jun 9 22:02:57 EDT 2010


+1 for this, and a specific instance here would be http parameter pollution
(hpp)

On Wed, Jun 9, 2010 at 10:20 AM, Colin Watson <colin.watson at owasp.org>wrote:

> Suggestion to add a new detection point.  Has this already been ruled
> out?  Should it be added?  Is the description/categorization suitable?
>
> Source
> -----------------------------------
> Just another idea, but based on WAF white listing concepts
>
> Description
> -----------------------------------
> A required header or body parameter is missing, or additional
> unexpected parameters are received with the request.
>
> Suggested categorization
> -----------------------------------
> RE5 Additional or Missing Parameters
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-appsensor-project/attachments/20100609/228b345e/attachment.html 


More information about the Owasp-appsensor-project mailing list