https://wiki.owasp.org/index.php?action=history&feed=atom&title=ESAPI_DotNET_ReadmeESAPI DotNET Readme - Revision history2026-04-21T05:21:49ZRevision history for this page on the wikiMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=ESAPI_DotNET_Readme&diff=79536&oldid=prevDeleted user at 18:36, 10 March 20102010-03-10T18:36:36Z<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 18:36, 10 March 2010</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l104" >Line 104:</td>
<td colspan="2" class="diff-lineno">Line 104:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><br></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><br></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">[[Category: OWASP Enterprise Security API]]</ins></div></td></tr>
</table>Deleted userhttps://wiki.owasp.org/index.php?title=ESAPI_DotNET_Readme&diff=79533&oldid=prevDeleted user: Created page with ''''OWASP ESAPI - .NET Edition ReadMe''' Release 0.2: August 2009 <br>'''Welcome to the .NET Edition of OWASP ESAPI v0.2''' This document provides information about the .NET Ed…'2010-03-10T18:35:06Z<p>Created page with ''''OWASP ESAPI - .NET Edition ReadMe''' Release 0.2: August 2009 <br>'''Welcome to the .NET Edition of OWASP ESAPI v0.2''' This document provides information about the .NET Ed…'</p>
<p><b>New page</b></p><div>'''OWASP ESAPI - .NET Edition ReadMe'''<br />
<br />
Release 0.2: August 2009<br />
<br />
<br>'''Welcome to the .NET Edition of OWASP ESAPI v0.2'''<br />
<br />
This document provides information about the .NET Edition of OWASP ESAPI. The topics below cover system requirements, additional product information, and application notes. <br />
<br />
The code for the ESAPI is currently in [http://code.google.com/p/owasp-esapi-dotnet/ Google Code]. <br />
<br />
Download the latest .NET ESAPI library binary from Google Code [http://owasp-esapi-dotnet.googlecode.com/files/Esapi.zip here]. <br />
<br />
Download the latest .NET ESAPI documentation from Google Code [http://owasp-esapi-dotnet.googlecode.com/files/Esapi_Documentation.zip here]. It is a zipped .chm (help) file.<br />
<br />
You can also browse the .NET ESAPI documentation [http://alexsmolen.com/dotnetesapidoc/index.html here]<br />
<br />
To download and work with the source you must use an SVN tool.<br />
<br />
[http://ankhsvn.open.collab.net/ AnkhSVN] is a free SVN tool that integrates with Visual Studio. Point your SVN tool at http://owasp-esapi-dotnet.googlecode.com/svn/trunk. Anonymous checkout is supported.<br />
<br />
You can also [http://code.google.com/p/owasp-esapi-dotnet/source/browse browse the source].<br />
<br />
<br>'''System Requirements'''<br />
<br />
The solution is created with VS 2008 and .NET 3.5. However, the actual code should be compatible with .NET 2.0, so it should be simple to get the code to compile in most environments. [[ESAPI.NET_Build_Troubleshooting|Troubleshooting]]<br />
<br />
<br>'''Other Requirements'''<br />
<br />
The .NET Edition of OWASP ESAPI includes a reference implementation which may be tailored or replaced, according to your organization's needs.<br />
<br />
You must also download download and install the latest version of the [http://www.codeplex.com/AntiXSS AntiXss] library.<br />
<br />
<br />
<br>'''Server Recommendations'''<br />
<br />
None<br />
<br />
<br>'''Obtaining the .NET Edition of OWASP ESAPI'''<br />
<br />
There are a couple of ways to get started with the .NET ESAPI. <br />
<br />
If you simply want to start using the functionality, you can download the assembly from [ Google Code]. You will also need to add the appropriate configuration (see here).<br />
<br />
You can download the solution from Google Code with SVN.<br />
<br />
You will need to download and install the AntiXss library separately, in order to respect the code licensing. <br />
<br />
The SwingSet application requires you to login - just register a username and go. You also need to supply a SMTP host in the web.config file in SwingSet in order to register a user, so that you can get an activation email. I might change this in the released version, since it's sort of a pain. You can just use the external SMTP server for an email account you own and use that - i.e.<br />
<br />
<mailSettings><br />
<smtp from="dot-net-esapi@owasp.com"><br />
<network<br />
host="you fill this part in, for example d.mx.mail.yahoo.com for a yahoo.com mail account"<br />
port="25"<br />
/><br />
</smtp><br />
</mailSettings><br />
<br />
<br />
<br><br />
----<br />
'''OWASP ESAPI - .NET Edition Release Notes'''<br />
<br />
Release 0.2<br />
<br />
August 2009<br />
<br />
<br>'''Welcome to the .NET Edition of OWASP ESAPI v0.2'''<br />
<br />
This document provides information about .NET Edition of OWASP ESAPI v0.2. Browse through the topics below to find out about new features, known issues and limitations for this release.<br />
<br />
Information specific to the changes in this release are captured in this document set. For all other information and for feature details, see the ESAPI <version> programming manual.<br />
<br />
<br>'''New features'''<br />
<br />
This release improve significanlty on the first release. The following components have been redesigned and reimplemented:<br />
<br />
* AccessController<br />
* AccessReferenceMap<br />
* Encoder<br />
* Encryptor<br />
* Esapi<br />
* HttpUtilities<br />
* IntrusionDetector<br />
* Logger<br />
* Randomizer<br />
* SecurityConfiguration<br />
* Validator<br />
<br />
The SwingSet application has also been introduced, to demonstrate how to use the ESAPI as well as showcase other ASP.NET security best practices.<br />
<br />
<br>'''Fixed in this release'''<br />
<br />
* All components have been redesigned - there have been major changes since v0.1.<br />
<br />
<br>'''Known issues'''<br />
<br />
* Canonicalization support is incomplete - only some Codecs support decoding.<br />
* There are only a few ValidationRules.<br />
* AccessController implementation does not provide policy storage.<br />
<br>'''Upgrading from earlier releases'''<br />
<br />
* This version is an entirely different code base. Please completely upgrade all existing implementations.<br />
<br />
<br></div>Deleted user