[Owasp-leaders] Wrong info PHP Token generators on OWASP wiki page

johanna curiel curiel johanna.curiel at owasp.org
Wed May 18 22:39:07 UTC 2016


This is the twit regarding insecure token generators on OWASP wiki:
https://twitter.com/FreekPaans/status/724228053325484032

I have replied asking the person to tell us whats wrong and I have added a
label for review on the wiki

A kind OWASP member have already sent me some info that seems to be wrong
such as to change:

  /<form(.*?)>(.*?)<\\/form>/is
to
 /<form([^>]*)>([^<]*)<\\/form>/is

I'll check this further with other PHP folks

regards

Johanna


On Wed, May 18, 2016 at 3:01 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> Someone on twitter posted that the info regarding the Token generator
> described here is wrong
> https://www.owasp.org/index.php/PHP_CSRF_Guard
>
> @wikieditors: Could anyone confirm this and for the wiki editors, flag
> page as incorrect or in need of a review ?
>
> --
> Johanna Curiel
> OWASP Volunteer
>



-- 
Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160518/431ce08d/attachment.html>


More information about the OWASP-Leaders mailing list