This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
User contributions
- 22:02, 4 November 2015 (diff | hist) . . (+18) . . m Embedding Null Code (→Example1 – PHP Script: add missing directory traversal, use example hostname) (current)
- 22:13, 1 August 2015 (diff | hist) . . (+113) . . HTTP Strict Transport Security (→Browser Support: HSTS check page)
- 22:09, 1 August 2015 (diff | hist) . . (-72) . . HTTP Strict Transport Security (→Always Use includeSubDomains: This is an attack from site owners against users, therefore setting includeSubdomains does not help, since the attacking site owner would just not do it)
- 11:14, 4 February 2015 (diff | hist) . . (+7) . . HTTP Strict Transport Security (→Server Side: set hsts header also for redirects)
- 12:39, 9 July 2014 (diff | hist) . . (+122) . . HTTP Strict Transport Security (add caniuse.com)
- 14:44, 3 April 2013 (diff | hist) . . (+24) . . m HTTP Strict Transport Security (minor adjustments)
- 12:37, 3 April 2013 (diff | hist) . . (+8) . . m Clickjacking Defense Cheat Sheet (clarify)
- 12:35, 3 April 2013 (diff | hist) . . (-2) . . m Clickjacking Defense Cheat Sheet (fix hierarchy)
- 12:27, 3 April 2013 (diff | hist) . . (+6,320) . . Clickjacking Defense Cheat Sheet (Frame breaking code)
- 12:23, 3 April 2013 (diff | hist) . . (-6,587) . . Clickjacking (move frame busting code to cheat sheet)
- 12:19, 3 April 2013 (diff | hist) . . (-219) . . Clickjacking Defense Cheat Sheet (spelling, redundant content removed)
- 12:12, 3 April 2013 (diff | hist) . . (+168) . . Clickjacking Defense Cheat Sheet (Update Browser Support and other cleanup)
- 13:50, 22 January 2013 (diff | hist) . . (-132) . . m OWASP AJAX Security Guidelines (separate generic and asp server side notes)
- 13:42, 22 January 2013 (diff | hist) . . (-39) . . m OWASP AJAX Security Guidelines (delete empty section)
- 13:03, 22 January 2013 (diff | hist) . . (-15) . . OWASP AJAX Security Guidelines (use capec to explain JSON/JavaScript Hijacking)
- 12:54, 22 January 2013 (diff | hist) . . (+264) . . OWASP AJAX Security Guidelines (mention CSRF protection, use a working link for JavaScript Hijacking)
- 07:54, 26 November 2012 (diff | hist) . . (0) . . HTTP Strict Transport Security (Opera 12 supports HSTS according to Wikipedia)