[OWASP-ESAPI] New Blog Post - Why the InvokerServlet is Evil
chrisisbeef at gmail.com
Thu Dec 10 15:40:27 EST 2009
I posted a new blog entry today on why the Tomcat InvokerServlet is evil, if
you are interested check it out and pass it on. I noted at the end of the
post that I am looking into adding a SecureInvokerServlet in ESAPI that
provides the same functionality as the InvokerServlet with all the security
controls that such a servlet should be performing built in.
OWASP ESAPI Developer
Check out OWASP ESAPI for Java
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-ESAPI