[OWASP-TESTING] [***SPAM (header)***] - Re: Contributors - Email found in subject

Jeff Williams jeff.williams at aspectsecurity.com
Tue Aug 1 14:37:44 EDT 2006


Hi Javier,

Do some searching around -- there are a few articles on XSS that need to
be pulled together and consolidated.  We should try to be clear about
what the article is actually about.  Is it a description of an XSS
vulnerability?  Or is it how to test for XSS?  Or is it a countermeasure
article on how to defend an application against XSS (ie.
Validation/Encoding).

We have the same problem with SQL injection right now, but it's getting
cleaned up.  Best thing you can do if you're not sure how to deal with
these collisions is to link to the other articles and indicate that
there might be some overlap.

Thanks,

--Jeff
 
Jeff Williams, CEO
Aspect Security
work: 410-707-1487
main: 301-604-4882

-----Original Message-----
From: owasp-testing-bounces at lists.sourceforge.net
[mailto:owasp-testing-bounces at lists.sourceforge.net] On Behalf Of Javier
Fernandez-Sanguino
Sent: Tuesday, August 01, 2006 2:15 PM
To: Eoin
Cc: owasp-testing at lists.sourceforge.net
Subject: [***SPAM (header)***] - Re: [OWASP-TESTING] Contributors -
Email found in subject

Eoin dijo:
> Hi if you want your name here drop me a line and tell me what part you
did....

Hi there,

IIRC I wrote:
http://www.owasp.org/index.php/Application_configuration_management_test
ing
http://www.owasp.org/index.php/Infrastructure_configuration_management_t
esting
and contributed to
http://www.owasp.org/index.php/Testing_for_Old%2C_backup_and_unreference
d_files

I wrote a section on XSS a while back, but seems to be different than
http://www.owasp.org/index.php/Testing_for_Cross_site_scripting_vulnerab
ilities
so I will use the wiki and expand that with the one I wrote back in 2004

and some other info.


Regards

Javier


------------------------------------------------------------------------
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share
your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDE
V
_______________________________________________
owasp-testing mailing list
owasp-testing at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/owasp-testing




More information about the Owasp-testing mailing list