[Owasp-o2-platform] Example of self-patching .NET code

• Previous message: [Owasp-o2-platform] [Owasp-dotnet] ASP.NET POET Vulnerability
• Next message: [Owasp-o2-platform] Custom versions of O2
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Following an question from an O2 user, I just wrote the following PoC that
shows how the O2 .Net Static Analysis engine can be used to patch in real
time a vulnerable XSS function

http://www.o2platform.com/index.php/Script Example/Patching .NET Code </>

A real world application of this could be to intruduce this check at
pre-code-check-in so that only code with validation goes into production
(this would depend on how invisible one would want this to happen). Another
option could be to do this directly on Visual Studio (but that could have
usability issues)

Dinis Cruz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20100922/ae0fe783/attachment.html 

• Previous message: [Owasp-o2-platform] [Owasp-dotnet] ASP.NET POET Vulnerability
• Next message: [Owasp-o2-platform] Custom versions of O2
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]