[OWASP-wiki-editors] The OWASP Top Ten Cheat Sheet

Jim Manico jim.manico at owasp.org
Mon Aug 18 23:08:13 UTC 2014


I'll also drop this as a "production" cheat sheet and demote it back to 
"draft" until it's updated.

Aloha,
Jim

On 8/18/14, 6:19 AM, Neil Smithline wrote:
> You're right Ismael. The cheatsheet is for the 2010 T10, not the 2013. 
> I didn't catch that <blush>
>
> I tagged the page as old so others won't get confused. I wonder if the 
> page will drop in popularity now that I've tagged it?
>
>
> Neil Smithline
> 408-634-5764
> http://www.neilsmithline.com <http://www.neilsmithline.com/>
>
>
> On Fri, Aug 15, 2014 at 6:59 PM, Ismael Rocha Gonçalves 
> <ismaelrg at gmail.com <mailto:ismaelrg at gmail.com>> wrote:
>
>     A major one is to update to version Top Ten 2013 =)
>
>     Ismael Goncalves
>     http://sharingsec.blogspot.com
>
>     On Fri, Aug 15, 2014 at 3:42 PM, Neil Smithline
>     <neil.smithline at owasp.org <mailto:neil.smithline at owasp.org>> wrote:
>
>         I've wrestled with the Mediawiki formatting beast before and
>         would be happy - OK, not "happy", let's say"willing" - help.
>
>         I see a few separate tasks that need to be done:
>         1) "Theming" of the table. I think that the format of the
>         table at the top of a T10 page (eg:
>         https://www.owasp.org/index.php/Top_10_2013-A3) should be
>         followed.
>         2) Formatting of each entry. The current format, a single
>         table with each T10 risk on a single line, needs some
>         tweaking. I'm thinking that a separate themed table for each
>         entry might make sense. I'm considering something like
>         http://gyazo.com/53fc6cc8161695f8bd972272e7a9aa26 where each
>         entry is themed to look like the table in the top of a T10 entry.
>         3) Cross-linking with the T10 and rest of the wiki. I know
>         that this is supposed to be a cheat sheet but if it is used
>         online, it should be linked. This includes:
>           - Linking each T10 entry should link to the corresponding page.
>           - Linking the testing references to their pages (eg: we
>         should link to
>         https://www.owasp.org/index.php/Testing_for_SQL_Injection_(OTG-INPVAL-005)
>         <https://www.owasp.org/index.php/Testing_for_SQL_Injection_%28OTG-INPVAL-005%29>).
>           - Perhaps more...
>         4) Changes to better support different page widths. It may be
>         that reformatting the tables as described in (2) above makes
>         the table work well at different page widths. If not, we'll
>         consider other changes.
>
>         I'll make a copy of this page and reformat it. I'll then reply
>         to this email with a link to the new page for review.
>
>         Neil
>
>         PS: I hadn't seen this page before. It's a good idea.
>
>
>
>         Neil Smithline
>         408-634-5764 <tel:408-634-5764>
>         http://www.neilsmithline.com <http://www.neilsmithline.com/>
>
>
>         On Thu, Aug 14, 2014 at 4:25 PM, Bill Sempf
>         <bill.sempf at owasp.org <mailto:bill.sempf at owasp.org>> wrote:
>
>             Hi, folks!
>
>             I love the OWASP Top Ten Cheat Sheet, and it is one of the
>             most popular pages on the OWASP Site this month.
>
>             https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet
>
>             The table layout, however, is a little 90s.  Can we
>             collaborate on a more contemporary look perhaps using
>             colored blocks, with better spacing for larger monitors,
>             and drop the borders? The content is excellent but as this
>             is one of the landing pages for 1000s of users we should
>             try and make it snap.
>
>             Let me know if I can help!
>
>             S
>
>             _______________________________________________
>             OWASP-wiki-editors mailing list
>             OWASP-wiki-editors at lists.owasp.org
>             <mailto:OWASP-wiki-editors at lists.owasp.org>
>             https://lists.owasp.org/mailman/listinfo/owasp-wiki-editors
>
>
>
>
>
>     -- 
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-wiki-editors/attachments/20140818/ec8e36b9/attachment.html>


More information about the OWASP-wiki-editors mailing list