[OWASP-GUIDE] RE: [OWASP] site issues, etc
mark at curphey.com
Mon Jun 21 13:32:02 EDT 2004
Thanks. I wished you would have introduced yourself but maybe next time. I
thought it was excellent as well, one of the best I have been too !
Well take care of the things below and I have CC'd the Guide for those
From: Scovetta, Michael V [mailto:Michael.Scovetta at ca.com]
Sent: Monday, June 21, 2004 11:51 AM
To: mark at curphey.com
Subject: [OWASP] site issues, etc
First, I'd like to say, "Excellent Conference!" this weekend.
Second, I've been browsing the owasp site, found a few bugs:
1. The "Home" link on the top of the page points to /portal (404)
2. The page http://www.owasp.org/documentation/guide has a link to the Guide
which is also 404
3. The mailing list signup form on:
has an unclosed quote, so it breaks when you try to sign up for the
4. The link http://www.owasp.org/oasis_mission.gif (linked from
http://www.owasp.org/wasxml) is missing (404).
Also, I have a little feedback on the Guide 2.0:
On pages 57-58, it is mentioned to not use GET requests for
passing sensitive information. It should also be noted that passing data in
a POST request isn't secure, doesn't really "hide" the information and
should not be relied upon for passing sensitive information (unless SSL is
used as well).
Senior Application Developer
tel: +1 631 342 3139
cell: +1 813 727 5772
michael.scovetta at ca.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-guide