[Owasp-appsensor-project] AppSensor Guide v2 - Final Review Version Available

Mario Contestabile mario_c at videotron.ca
Sun May 4 13:54:12 UTC 2014


Good day!
 
I am looking for an expanded explanation for item https://www.owasp.org/index.php/AppSensor_DetectionPoints#CIE4:_Carriage_Return_or_Line_Feed_Character_in_File_Request
 
Specifically, POST bodies which would trigger such a detection point; examples would be appreciated.
 
Cheers,
Mario at superconfigure.com
 
 
On 4/28/14, Colin Watson <colin.watson at owasp.org> wrote: 
>  And, that same v1.5 is available as a PDF here:
> 
>    https://www.owasp.org/index.php/File:Owasp-appsensor-guide-v2.pdf
> 
> Colin
> 
> On 19 April 2014 07:57, colin.watson at owasp.org <colin.watson at owasp.org> wrote:
> > PS
> >
> > I will correct pagination, headers and footers, and refresh all fields, once
> > the review is complete.
> >
> > Colin
> >
> > ----- Reply message -----
> > From: "Colin Watson" <colin.watson at owasp.org>
> > To: "owasp-appsensor-project" <owasp-appsensor-project at lists.owasp.org>
> > Subject: AppSensor Guide v2 - Final Review Version Available
> > Date: Fri, Apr 18, 2014 17:52
> >
> > Dear all
> >
> > Further to the schedule announced to this list a month ago, I am
> > pleased to release the final review version. This is currently called
> > v1.5 and is available as usual at:
> >
> >    https://www.owasp.org/index.php/File:Owasp-appensor-guide-v2.doc
> >
> > I have incorporated everything into this v1.5 that I could find that
> > had changed in the current (18 April) Google Docs file which was based
> > on v1.39.
> >
> >
> > Missing parts
> > -------------------
> >
> > I am hoping MC will write the foreword. I will complete the empty file
> > logging format chapter, and replace some of the earlier diagrams with
> > more legible versions.
> >
> > Perhaps someone could write the "About This Guide", and "How To Use
> > This Guide", otherwise they will be dropped.
> >
> > We are aware that DG may not be able to update his introduction, so
> > perhaps need to decide whether to review/edit it or not. I have not
> > reviewed it at all.
> >
> >
> > Review process
> > ----------------------
> >
> > You can download the Word document and edit it individually with track
> > changes on. Or send comments, edits, feedback and additions by email,
> > post or in some other format. You can send thigs to me directly or via
> > this list. I will aggregate all review feedback on 1st May.
> >
> > If someone is able to incorporate/merge/update changes into the Google
> > Docs version, maybe that can also be used for review?
> >
> > Chapter 1 has been reviewed by some people already, and it would be
> > nice if people could begin their efforts elsewhere in the document. If
> > someone wants to create a review log or wiki page to track who looked
> > at what, that would be very welcome. A lot of the text is mine, and
> > just because I wrote it, it doesn't mean it is true, accurate,
> > sensible, understandable or correct. Some parts really do need some
> > critical review.
> >
> > Please let me know if you would like me to email you directly with an
> > alternative format of the document.
> >
> >
> > Release plan
> > -------------------
> >
> > The review period will end on 1st May. I will then publish the v2.0
> > book by 7th May 2014. This will be as a PDF, in Word and also as a
> > Lulu book. Further additions and improvements can be made after that
> > in future versions.
> >
> >
> > Colin
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-appsensor-project/attachments/20140504/f44f4cb9/attachment-0001.html>


More information about the Owasp-appsensor-project mailing list