This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Client Side Testing"
(Created page with "{{Template:OWASP Testing Guide v4}} == Brief Summary == <br> ..here: we describe in "natural language" what we want to test. <br> == Description of the Issue == <br> ...her...") |
|||
| (13 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
{{Template:OWASP Testing Guide v4}} | {{Template:OWASP Testing Guide v4}} | ||
| + | ''' 4.12 Client-Side Testing ''' | ||
| + | ---- | ||
| − | + | Client-Side testing is concerned with the execution of code on the client, typically natively within a web browser or browser plugin. The execution of code on the client-side is distinct from executing on the server and returning the subsequent content. | |
| − | + | ||
| − | + | The following articles describe how to conduct a Client-Side test of a web application: | |
| − | + | ||
| − | + | ||
| − | + | [[Testing for DOM-based Cross site scripting (OTG-CLIENT-001)|4.12.1 Testing for DOM based Cross Site Scripting (OTG-CLIENT-001)]] | |
| − | ... | + | |
| − | + | [[Testing for JavaScript Execution (OTG-CLIENT-002)|4.12.2 Testing for JavaScript Execution (OTG-CLIENT-002)]] | |
| − | + | ||
| − | + | [[Testing for HTML Injection (OTG-CLIENT-003)|4.12.3 Testing for HTML Injection (OTG-CLIENT-003)]] | |
| − | ... | + | |
| − | + | [[Testing for Client Side URL Redirect (OTG-CLIENT-004)|4.12.4 Testing for Client Side URL Redirect (OTG-CLIENT-004)]] | |
| − | ... | + | |
| − | + | [[Testing_for_CSS_Injection (OTG-CLIENT-005)|4.12.5 Testing for CSS Injection (OTG-CLIENT-005)]] | |
| − | + | ||
| − | .. | + | [[Testing_for_Client_Side_Resource_Manipulation (OTG-CLIENT-006)|4.12.6 Testing for Client Side Resource Manipulation (OTG-CLIENT-006)]] |
| − | + | ||
| − | .. | + | [[Test Cross Origin Resource Sharing (OTG-CLIENT-007)|4.12.7 Test Cross Origin Resource Sharing (OTG-CLIENT-007)]] |
| + | |||
| + | [[Testing for Cross site flashing (OTG-CLIENT-008)|4.12.8 Testing for Cross Site Flashing (OTG-CLIENT-008)]] | ||
| + | |||
| + | [[Testing for Clickjacking (OTG-CLIENT-009)|4.12.9 Testing for Clickjacking (OTG-CLIENT-009)]] | ||
| + | |||
| + | [[Testing WebSockets (OTG-CLIENT-010)|4.12.10 Testing WebSockets (OTG-CLIENT-010)]] | ||
| + | |||
| + | [[Test Web Messaging (OTG-CLIENT-011)|4.12.11 Test Web Messaging (OTG-CLIENT-011)]] | ||
| + | |||
| + | [[Test Local Storage (OTG-CLIENT-012)|4.12.12 Test Local Storage (OTG-CLIENT-012)]] | ||
Latest revision as of 12:25, 5 August 2014
This article is part of the new OWASP Testing Guide v4.
Back to the OWASP Testing Guide v4 ToC: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents Back to the OWASP Testing Guide Project: https://www.owasp.org/index.php/OWASP_Testing_Project
4.12 Client-Side Testing
Client-Side testing is concerned with the execution of code on the client, typically natively within a web browser or browser plugin. The execution of code on the client-side is distinct from executing on the server and returning the subsequent content.
The following articles describe how to conduct a Client-Side test of a web application:
4.12.1 Testing for DOM based Cross Site Scripting (OTG-CLIENT-001)
4.12.2 Testing for JavaScript Execution (OTG-CLIENT-002)
4.12.3 Testing for HTML Injection (OTG-CLIENT-003)
4.12.4 Testing for Client Side URL Redirect (OTG-CLIENT-004)
4.12.5 Testing for CSS Injection (OTG-CLIENT-005)
4.12.6 Testing for Client Side Resource Manipulation (OTG-CLIENT-006)
4.12.7 Test Cross Origin Resource Sharing (OTG-CLIENT-007)
4.12.8 Testing for Cross Site Flashing (OTG-CLIENT-008)
4.12.9 Testing for Clickjacking (OTG-CLIENT-009)
4.12.10 Testing WebSockets (OTG-CLIENT-010)
