This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP Learn About Encoding Project"
| (20 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | {{ ProjectTabs | | |
| − | + | Proj_About= | |
| + | <br> '''Preamble''' | ||
| + | Starting with projects such as overtime | ||
| − | ''' | + | *'''[[XSS (Cross Site Scripting) Prevention Cheat Sheet]]''' |
| − | + | *[http://code.google.com/p/owasp-esapi-java/source/browse/trunk/src/org/owasp/esapi/codecs/?r=364 '''ESAPI Codecs and Encoder'''] | |
| − | |||
| − | |||
| − | |||
| − | * [http://code.google.com/p/owasp-esapi-java/source/browse/trunk/src/org/owasp/esapi/codecs/?r=364 ESAPI Codecs and Encoder] | ||
| − | The "OWASP Learn About Encoding Project" has not discovered anything new, but rather wants to emphasize | + | The "OWASP Learn About Encoding Project" has not discovered anything new, but rather wants to emphasize the importance of input sanitize and output escaping. In the network there are often errors in the visualization of pages: you see question marks (?) where it should be accented letters, there are strange characters (i.e. A+tilde, A+umlauts) where this should be the "euro" character, and so way. Not only that: but there are communication channels that allow the exchange of characters not properly controlled: i.e. sms messages, chat messages, voip client, ecc.. often contain values are not consistent. |
| − | the importance of input sanitize and output escaping. In the network there are often errors in the visualization | ||
| − | of pages: you see question marks (?) where it should be accented letters, there are strange characters (i.e. A+tilde, | ||
| − | A+umlauts) where this should be the "euro" character, and so way. Not only that: but there are communication channels | ||
| − | that allow the exchange of characters not properly controlled: i.e. sms messages, chat messages, voip client, ecc.. | ||
| − | often contain values are not consistent. | ||
The use of proper Charset is essential for | The use of proper Charset is essential for | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | + | *integrity of the data: if we take in input some characters, we want to "see" the same characters in output | |
| − | + | *the prevention of the problem of Canonicalization: the knowledge of Charsets is the first thing to do | |
| − | |||
| − | of | ||
| − | |||
| − | |||
| − | |||
| − | + | <br> '''Goal''' | |
| − | + | This is a project that aims to educate developers, systems analysts or anyone who writes code regarding the knowledge of proper use of Charset and Canonicalization. The project will seek to give a comprehensive response by crossing one another most scenarios highlighting the roles of key players (browser, operating system, database, etc. ..). | |
| + | To achieve this goal we decided to create a tool in three different formats: | ||
| − | + | *web application | |
| − | + | *swing application | |
| − | + | *shell tool | |
| − | + | <br> | |
| − | + | | | |
| − | + | Proj_Documentation= | |
| − | + | <br>'''Why do I have to understand about encoding?''' | |
| + | <br>'''Why do I have to understand about charset?''' | ||
| + | |||
| + | <br> You can find [http://code.google.com/p/learn-about-encoding/w/list '''here'''] some wiki documents. | ||
| − | + | <br> | |
| − | + | ====Download==== | |
| + | <br> The project is hosted by Google Code [http://code.google.com/p/learn-about-encoding '''here'''] | ||
| + | <br> You can download the source code from [http://code.google.com/p/learn-about-encoding/source/checkout '''here''']. | ||
| − | + | <br> | |
| + | <!-- | ||
| + | ====Project Information==== | ||
| + | {{:Key Project Information:OWASP Learn About Encoding Project}} | ||
| + | --> | ||
| + | ==== Project Details ==== | ||
| + | {{:GPC Project Details/OWASP Learn About Encoding Project | OWASP Project Identification Tab}} | ||
| − | |||
| − | + | | | |
| + | Proj_Mail = | ||
| + | <br> | ||
| + | '''A Java security improvement''' | ||
| + | http://blogs.sun.com/CoreJavaTechTips/entry/the_overhaul_of_java_utf | ||
| − | + | <br> | |
| − | |||
| + | | | ||
| + | Proj_Contributors = | ||
| + | <br> | ||
| + | The project hasn't yet a contributor. | ||
| + | <br>If you want to become a contributor start from mailing list: | ||
| + | <br>[https://lists.owasp.org/mailman/listinfo/owasp-learn-about-encoding '''Subscribe here'''] | ||
| + | <br>[mailto:[email protected] '''Use here'''] | ||
| − | [[Category: | + | }} |
| − | [[Category: | + | ''Content license:Creative Commons 3.0 BY-SA - Code license:GNU Lesser General Public License'' |
| − | [[Category: | + | [[Category:OWASP_Project|Learn About Encoding Project]] [[Category:OWASP_Tool]] [[Category:OWASP_Alpha_Quality_Tool]] |
Latest revision as of 22:31, 19 October 2009
About
Preamble
Starting with projects such as overtime
The "OWASP Learn About Encoding Project" has not discovered anything new, but rather wants to emphasize the importance of input sanitize and output escaping. In the network there are often errors in the visualization of pages: you see question marks (?) where it should be accented letters, there are strange characters (i.e. A+tilde, A+umlauts) where this should be the "euro" character, and so way. Not only that: but there are communication channels that allow the exchange of characters not properly controlled: i.e. sms messages, chat messages, voip client, ecc.. often contain values are not consistent.
The use of proper Charset is essential for
- integrity of the data: if we take in input some characters, we want to "see" the same characters in output
- the prevention of the problem of Canonicalization: the knowledge of Charsets is the first thing to do
Goal
This is a project that aims to educate developers, systems analysts or anyone who writes code regarding the knowledge of proper use of Charset and Canonicalization. The project will seek to give a comprehensive response by crossing one another most scenarios highlighting the roles of key players (browser, operating system, database, etc. ..).
To achieve this goal we decided to create a tool in three different formats:
- web application
- swing application
- shell tool
FAQ
Why do I have to understand about encoding?
Why do I have to understand about charset?
You can find here some wiki documents.
Download
The project is hosted by Google Code here
You can download the source code from here.
Project Details
| PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What does this OWASP project release offer you? | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| ||||||||||||||||||||||
News
A Java security improvement
http://blogs.sun.com/CoreJavaTechTips/entry/the_overhaul_of_java_utf
Contributors/Users
The project hasn't yet a contributor.
If you want to become a contributor start from mailing list:
Subscribe here
Use here
Content license:Creative Commons 3.0 BY-SA - Code license:GNU Lesser General Public License
This category currently contains no pages or media.
