This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Focus"

From OWASP
Jump to: navigation, search
Line 39: Line 39:
 
3. It is important to note that you the index.html is only used as a place holder for the web site. It only has limited use for things such as DWR.
 
3. It is important to note that you the index.html is only used as a place holder for the web site. It only has limited use for things such as DWR.
  
4. all other third party applications we will put in the Includes.js file under generic.3rdParty.
+
4. All other third party applications we will put in the Includes.js file under generic.3rdParty.
  
 
{{:Projects/OWASP_Focus}}  
 
{{:Projects/OWASP_Focus}}  
  
 
[[Category:OWASP Project]]
 
[[Category:OWASP Project]]

Revision as of 00:43, 25 January 2013

Main

The goal of this project is to build a secure applications framework based off of JAVA and .NET architectures but written in javascript utilizing DOM and json as its foundation. This will allow JAVA and .NET programmers the ability to use their current programming methodologies via javascript .js files. See the Roadmap OWASP Focus Roadmap for more information on our plans.

Web Security Overview

While Java and .NET contain many security technologies for back-end development, it has not been so easy for back-end programmers to produce flexible front-end application without security vulnerabilities. Most application security vulnerabilities apply to developers not being able to code the front-end the same as the back-end with consistent coding methodologies. Notable this is because they are using different API frameworks for coding back-end (JAVA) verses front-end (JavaScript json/dom).

There are a lot of articles with tons of information regarding JavaScript and web UI programming vulnerabilities here at OWASP, however, this project is intended to provide a set of client side API's familiar to JAVA and .NET programmers along with built in OWASP best practices. This will enable them to write more secure code with little or no vulnerabilities.

Resources

<tbd>

Roadmap

The OWASP Focus overall goal is to...

  1. Create a core structure of how interface components will be built.
  2. Create an accessibility API for allowing other technologies interactive capabilities.
  3. Create a way to organize these APIs for various categories such as look-and-feel, events and so on.

Current Tasks

  • Call for volunteers - Join the mailing list and get started!


Ideas

Please submit your high level ideas or what you would like to see added to this project for future releases.

Installation and configuration notes

This should work in any web server so it should be easy to get up and running.

1. After you have downloaded the latest code you should be able to explode the jar file and place it in your web container.

2. You can either use the index.html or copy and paste the contents from the provided index.html. (Note if you are not going to use DWR you can remove the following:

<script language="javascript1.2" type="text/javascript" src="/dwr/engine.js"></script>

<script language="javascript1.2" type="text/javascript" src="/dwr/util.js"></script>

3. It is important to note that you the index.html is only used as a place holder for the web site. It only has limited use for things such as DWR.

4. All other third party applications we will put in the Includes.js file under generic.3rdParty.



PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Focus (home page)
Purpose: Create a new intermediate language based off of Swing and .NET but written in javascript utilizing DOM and json. Allowing JAVA and .NET programmers to use their current programming methodologies via javascript .js files.
License: GNU GPL v3 License
who is working on this project?
Project Leader(s):
  • Jim McCallson @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Jim McCallson @ to contribute to this project
  • Contact Jim McCallson @ to review or sponsor this project
current release
http://sourceforge.net/projects/owaspfocus/
last reviewed release
Not Yet Reviewed


other releases