[Owasp-leaders] [OWASP-wiki-editors] Wrong info PHP Token generators on OWASP wiki page
Jim Manico
jim.manico at owasp.org
Thu May 19 01:17:23 UTC 2016
Forwarded to Matt Tesauro, thank you Johanna.
- Jim
On 5/18/16 3:39 PM, johanna curiel curiel wrote:
>
> This is the twit regarding insecure token generators on OWASP wiki:
> https://twitter.com/FreekPaans/status/724228053325484032
>
> I have replied asking the person to tell us whats wrong and I have
> added a label for review on the wiki
>
> A kind OWASP member have already sent me some info that seems to be wrong
> such as to change:
>
> /<form(.*?)>(.*?)<\\/form>/is
> to
> /<form([^>]*)>([^<]*)<\\/form>/is
>
> I'll check this further with other PHP folks
>
> regards
>
> Johanna
>
>
> On Wed, May 18, 2016 at 3:01 PM, johanna curiel curiel
> <johanna.curiel at owasp.org <mailto:johanna.curiel at owasp.org>> wrote:
>
> Someone on twitter posted that the info regarding the Token
> generator described here is wrong
> https://www.owasp.org/index.php/PHP_CSRF_Guard
>
> @wikieditors: Could anyone confirm this and for the wiki editors,
> flag page as incorrect or in need of a review ?
>
> --
> Johanna Curiel
> OWASP Volunteer
>
>
>
>
> --
> Johanna Curiel
> OWASP Volunteer
>
>
> _______________________________________________
> OWASP-wiki-editors mailing list
> OWASP-wiki-editors at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-wiki-editors
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160518/0e19eb2a/attachment.html>
More information about the OWASP-Leaders
mailing list