[OWASP-WEBGOAT]RE: C# conversion fun in webgoat.net
Mark Curphey
mark at curphey.com
Sat Aug 30 07:50:32 EDT 2003
Hi Guys,
Been busy on the Guide re-write so I kinda lost track of a few things (again
;-()
I think if I recall the last time I left this conversation we were at;
1. Its a good idea to have a .NET version of C#
2. Conversion of the original Goat does not make sense due to its
architecture; the fact that we would want to show .NET techniques and
libraries used in Java Goat.
3. We should keep the lessons in sync but not try and keep parralel versions
per se.
So that said and my realization about Open Source that you need one or two
people only to do the work without lots of cooks in the kitchen, is anyone
interested in just running with this and getting it done ? Only requirements
from OWASP part is the lessons would ultimately be "similar / in sync" to
the Java version. Architecture, coding etc is all your baby.
Please let me know.
----- Original Message -----
From: "Tim Aranki" <tim.aranki at dev-quest.com>
To: "'Andrew van der Stock'" <avanderstock at b-sec.com>; "'Jeff Williams @
Aspect'" <jeff.williams at aspectsecurity.com>; "'Mark Curphey'"
<mark at curphey.com>; "'Bruce Mayhew'" <bruce.mayhew at aspectsecurity.com>;
"'Harbar, Spencer'" <spencer.harbar at dns.co.uk>;
<owasp-webgoat at lists.sourceforge.net>
Sent: Monday, August 04, 2003 9:30 PM
Subject: [OWASP-WEBGOAT]RE: C# conversion fun in webgoat.net
> Hye -
> I have not done a real compare, but what about the
> System.Web.UI.HtmlControls namespace? It has implimentations for all
> the HTML elements... The props/methods may be different, but it would be
> better/faster than re-writing ECS.
>
> There is also a System.Web.UI.HtmlControls.HtmlControl object that we
> can subclass if needed (if there is an element missing, for example).
>
> -tim
>
> -----Original Message-----
> From: Andrew van der Stock [mailto:avanderstock at b-sec.com]
> Sent: Monday, August 04, 2003 8:05 PM
> To: 'Jeff Williams @ Aspect'; 'Mark Curphey'; 'Bruce Mayhew'; 'Harbar,
> Spencer'; owasp-webgoat at lists.sourceforge.net
> Cc: 'Tim Aranki'
> Subject: C# conversion fun in webgoat.net
>
>
> Hi guys,
>
> I've been working on conversion of the goat using the source Mark
> provided to me last week.
>
> We have a small problem in that the code makes extensive use of Jakarta
> Element Construction Set, a nice method to do markup without using
> dropouts to HTML source (a la PHP or old ASP).
>
> http://jakarta.apache.org/ecs/
>
> However, it is *everywhere* through the code, and it uses various
> subclasses such as IMG and so on.
>
> There's three alternatives:
>
> * port ECS (Hard(TM))
> * develop an alternative lightweight framework that is good enough
> * find a way to emulate it so a global search and replace will do the
> job.
>
> The right way? I don't know. I think it'll be faster to work on a hack
> in .NET to emulate it, but I'd be interested in your feedback.
>
> Thanks,
> Andrew
>
>
>
>
>
>
> -------------------------------------------------------
> This SF.Net email sponsored by: Free pre-built ASP.NET sites including
> Data Reports, E-commerce, Portals, and Forums are available now.
> Download today and enter to win an XBOX or Visual Studio .NET.
>
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
> _______________________________________________
> OWASP-WEBGOAT mailing list
> OWASP-WEBGOAT at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/owasp-webgoat
>
More information about the Owasp-webgoat
mailing list