[Owasp-guide] Volunteering for Output Encoding Chapter

vanderaj vanderaj vanderaj at owasp.org
Thu May 17 03:08:04 UTC 2012


Building Standards are not demolishing nor testing standards. I do not
agree - terms in our headings must be for the building / dev mindset first.

thanks,
Andrew

On Thu, May 17, 2012 at 1:02 PM, Abraham Kang <abraham.kang at owasp.org>wrote:

> I think output encoding can apply to any executable context including
> command line output, xml, shell script, sql.  If the chapter is to focused
> on xss, I can modify it.
>
> --Abe
> On May 14, 2012 8:10 PM, "Jim Manico" <jim.manico at owasp.org> wrote:
>
>>  Abe,
>>
>> Can we rename the output encoding section and call it "XSS Prevention"
>> instead?
>>
>> Complete XSS prevention requires validation, HTML policy validation,
>> proper JSON parsing and a host of other techniques other than just output
>> encoding.
>>
>> Fair? Interested?
>>
>> Aloha,
>> Jim
>>
>>
>>  I want to volunteer to take the Output Encoding Chapter.  I added the
>> chapter a while ago but it has been sitting idle.
>>
>> The content is pretty much done but may need minor reorganization.
>>
>> Regards,
>> Abe
>>
>>
>>
>>
>> _______________________________________________
>> Owasp-guide mailing listOwasp-guide at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-guide
>>
>>
>>
>> --
>> Jim Manico
>>
>> Connections Committee Chair
>> Cheatsheet Series Product Manager
>> OWASP Podcast Producer/Host
>>
>> jim at owasp.org
>> www.owasp.org
>>
>
> _______________________________________________
> Owasp-guide mailing list
> Owasp-guide at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-guide
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-guide/attachments/20120517/7f2325b9/attachment.html>


More information about the Owasp-guide mailing list