[Owasp-esapi-ruby] So, let's start...

Paolo Perego thesp0nge at owasp.org
Fri Jun 4 04:39:54 EDT 2010


Hi there.
In those days I'm working to a enhance project website[1] to improve
user experience.
The first project step, as roadmap says, is to analyze Esapi
architecture and study esapi-java that is the most mature software
implementation for Esapi principles.

We need to understand the basic service the API must provide and an
overall architecture for them.

I'd like to spend a word for owasp-esapy-ruby and rails integration.
As we will deliver a gem, I'd like to release an owasp-esapi-ruby
binary script to help in the API usage.
I'm thinking this script can have some option to create a web app
skeleton that makes easy, APIs usage.
A sort of:
$ owasp-esapi-ruby --generate-rails appname -> it calls rails to
create a rails skeleton adding security apis
$ owasp-esapi-ruby --generate-plain appname -> the same without the
rails part :-)

What do you think?
Does it make sense?


[1] http://thesp0nge.github.com/owasp-esapi-ruby

Paolo
-- 
"... static analysis is fun, again!"

OWASP Orizon project leader, http://github.com/owasp-orizon
Owasp Italy R&D director


More information about the Owasp-esapi-ruby mailing list