This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Client Side Testing"
(11 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
{{Template:OWASP Testing Guide v4}} | {{Template:OWASP Testing Guide v4}} | ||
− | ''' 4. | + | ''' 4.12 Client-Side Testing ''' |
---- | ---- | ||
− | Client-Side | + | Client-Side testing is concerned with the execution of code on the client, typically natively within a web browser or browser plugin. The execution of code on the client-side is distinct from executing on the server and returning the subsequent content. |
− | The following articles describe | + | The following articles describe how to conduct a Client-Side test of a web application: |
− | |||
− | [[ | + | [[Testing for DOM-based Cross site scripting (OTG-CLIENT-001)|4.12.1 Testing for DOM based Cross Site Scripting (OTG-CLIENT-001)]] |
− | [[Testing for | + | [[Testing for JavaScript Execution (OTG-CLIENT-002)|4.12.2 Testing for JavaScript Execution (OTG-CLIENT-002)]] |
− | [[Testing | + | [[Testing for HTML Injection (OTG-CLIENT-003)|4.12.3 Testing for HTML Injection (OTG-CLIENT-003)]] |
− | [[ | + | [[Testing for Client Side URL Redirect (OTG-CLIENT-004)|4.12.4 Testing for Client Side URL Redirect (OTG-CLIENT-004)]] |
− | [[ | + | [[Testing_for_CSS_Injection (OTG-CLIENT-005)|4.12.5 Testing for CSS Injection (OTG-CLIENT-005)]] |
− | [[|]] | + | [[Testing_for_Client_Side_Resource_Manipulation (OTG-CLIENT-006)|4.12.6 Testing for Client Side Resource Manipulation (OTG-CLIENT-006)]] |
+ | |||
+ | [[Test Cross Origin Resource Sharing (OTG-CLIENT-007)|4.12.7 Test Cross Origin Resource Sharing (OTG-CLIENT-007)]] | ||
+ | |||
+ | [[Testing for Cross site flashing (OTG-CLIENT-008)|4.12.8 Testing for Cross Site Flashing (OTG-CLIENT-008)]] | ||
+ | |||
+ | [[Testing for Clickjacking (OTG-CLIENT-009)|4.12.9 Testing for Clickjacking (OTG-CLIENT-009)]] | ||
+ | |||
+ | [[Testing WebSockets (OTG-CLIENT-010)|4.12.10 Testing WebSockets (OTG-CLIENT-010)]] | ||
+ | |||
+ | [[Test Web Messaging (OTG-CLIENT-011)|4.12.11 Test Web Messaging (OTG-CLIENT-011)]] | ||
+ | |||
+ | [[Test Local Storage (OTG-CLIENT-012)|4.12.12 Test Local Storage (OTG-CLIENT-012)]] |
Latest revision as of 12:25, 5 August 2014
This article is part of the new OWASP Testing Guide v4.
Back to the OWASP Testing Guide v4 ToC: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents Back to the OWASP Testing Guide Project: https://www.owasp.org/index.php/OWASP_Testing_Project
4.12 Client-Side Testing
Client-Side testing is concerned with the execution of code on the client, typically natively within a web browser or browser plugin. The execution of code on the client-side is distinct from executing on the server and returning the subsequent content.
The following articles describe how to conduct a Client-Side test of a web application:
4.12.1 Testing for DOM based Cross Site Scripting (OTG-CLIENT-001)
4.12.2 Testing for JavaScript Execution (OTG-CLIENT-002)
4.12.3 Testing for HTML Injection (OTG-CLIENT-003)
4.12.4 Testing for Client Side URL Redirect (OTG-CLIENT-004)
4.12.5 Testing for CSS Injection (OTG-CLIENT-005)
4.12.6 Testing for Client Side Resource Manipulation (OTG-CLIENT-006)
4.12.7 Test Cross Origin Resource Sharing (OTG-CLIENT-007)
4.12.8 Testing for Cross Site Flashing (OTG-CLIENT-008)
4.12.9 Testing for Clickjacking (OTG-CLIENT-009)
4.12.10 Testing WebSockets (OTG-CLIENT-010)