[Owasp-leaders] Javascript required for OWASP page?

Vlatko Kosturjak kost at linux.hr
Wed Jan 19 10:59:06 EST 2011


On 01/19/2011 04:50 PM, dinis cruz wrote:
> It shows that owasp.org is in the same 'shape' as 90% of the websites
> out there.
> 
> There is a O2 module that shows all the Javascript (files and inline)
> code that is loaded by an owasp.org page (it is quite a list)
> 
> Maybe a good working session for the summit would be to consolidate
> all owasp.org javascripts and add CSP to it
> 
> In fact we should have a 'hack owasp.org and mediawiki' competition at
> the Summit ....... :) :) :)

Especially to find bugs like this (as mediawiki is in PHP):
http://gregorkopf.de/slides_berlinsides_2010.pdf

Kost


More information about the OWASP-Leaders mailing list