[Owasp-leaders] Query Parameterization Examples

Eoin eoin.keary at owasp.org
Thu Nov 17 15:03:26 EST 2011


Ah yes, excellent.
You always deliver, Jim.
Aloha.

On 17 Nov 2011, at 20:01, Jim Manico <jim.manico at owasp.org> wrote:

> I was very specific in the abridged XSS Cheatsheet NOT to mention ESAPI
> and only talk about Encoding in a generic fashion.
> 
> https://www.owasp.org/index.php/Abridged_XSS_Prevention_Cheat_Sheet#Output_Encoding_Types
> 
> Anyone who can help make this encoding chart better, I'd be grateful for
> your help.
> 
> - Jim
> 
>> So how do you escape apart from using ESAPI???
>> A la the XSS cheatsheet fork???
>> 
>> On 17 Nov 2011, at 18:59, Jim Manico <jim.manico at owasp.org> wrote:
>> 
>>> Hello,
>>> 
>>> I'm putting together a "quick reference" page that shows how to do
>>> query parameterization in as many web languages as possible.
>>> 
>>> I have Java and .NET covered, but if you have a good query
>>> parameterization code snippet in any other language, can you please
>>> send it my way? I'll be sure to publish all results on OWASP.org soon.
>>> 
>>> Thanks all,
>>> 
>>> --
>>> Jim Manico
>>> (808) 652-3805
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> -- 
> Jim Manico
> 
> Connections Committee Chair
> Cheatsheet Series Product Manager
> OWASP Podcast Producer/Host
> 
> jim at owasp.org
> www.owasp.org
> 

