This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Category:OWASP Validation Project

From OWASP
Revision as of 18:18, 25 May 2006 by Weilin Zhong (talk | contribs) (Java)

Jump to: navigation, search

Most web application platforms do not include features to validate user input. This leaves many organizations to craft their own validation mechanisms, often incomplete, flawed, and inefficient.

The OWASP Validation Project was created to provide guidance and tools related to validation. Our philosophy is that validation is required for every part of the HTTP request, including headers, querystring, cookies, form fields, and hidden fields.

Currently, there are several projects underway to create validation technologies for various technologies. Long term, the project plan is to isolate the validation rules from the engine that implements them, and to provide validation engines for the popular web application environments.


Java

The Stinger library is a full HTTP validation engine. It can be used as a library or as a J2EE filter. The full details are on the OWASP Stinger Project page.

Regex

OWASP has started a repository for useful regular expressions. These expressions are an extremely powerful way to represent a complex set of validation rules. For example, ^/d[5]$ means to match a string of five digits exactly. For details, please see the OWASP Validation Regex Repository

PHP

PHP Filter

WebScarab

WebScarab Parameter Parser

News and Status

 Wed Nov 17 15:27:39 EST 2004
 The validation project was started to pull together a number of validation related articles, tools, and techniques for a variety of technologies under one umbrella.
 The validation project is run by the OWASP Germany Chapter. The project leader and coordinator is Ali Mabrouk.

Feedback and Participation

We hope you find the Validation project useful. Please contribute back to the project by sending your comments, questions, and suggestions to the Validation mailing list. Thanks!

To join the OWASP Validation mailing list or view the archives, please visit the subscription page.

Subcategories

This category has the following 2 subcategories, out of 2 total.

O

Media in category "OWASP Validation Project"

This category contains only the following file.