[Owasp-leaders] Query Parameterization Examples

Jim Manico jim.manico at owasp.org
Thu Nov 17 15:01:35 EST 2011


I was very specific in the abridged XSS Cheatsheet NOT to mention ESAPI
and only talk about Encoding in a generic fashion.

https://www.owasp.org/index.php/Abridged_XSS_Prevention_Cheat_Sheet#Output_Encoding_Types

Anyone who can help make this encoding chart better, I'd be grateful for
your help.

- Jim

> So how do you escape apart from using ESAPI???
> À la the XSS cheatsheet fork???
>
> On 17 Nov 2011, at 18:59, Jim Manico <jim.manico at owasp.org> wrote:
>
>> Hello,
>>
>> I'm putting together a "quick reference" page that shows how to do
>> query parameterization in as many web languages as possible.
>>
>> I have Java and .NET covered, but if you have a good query
>> parameterization code snippet in any other language, can you please
>> send it my way? I'll be sure to publish all results on OWASP.org soon.
>>
>> Thanks all,
>>
>> --
>> Jim Manico
>> (808) 652-3805
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders


-- 
Jim Manico

Connections Committee Chair
Cheatsheet Series Product Manager
OWASP Podcast Producer/Host

jim at owasp.org
www.owasp.org


