This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
User contributions
- 12:50, 14 June 2019 (diff | hist) . . (+9) . . Talk:Benchmark (current)
- 20:35, 13 June 2019 (diff | hist) . . (+9) . . m Talk:Benchmark
- 20:34, 13 June 2019 (diff | hist) . . (+530) . . Talk:Benchmark (the app would have to decode Referer before reflecting it in order to be abused)
- 16:40, 14 November 2018 (diff | hist) . . (+308) . . Talk:Benchmark (+cache poisoning for XSS via unconventional headers)
- 00:00, 13 November 2018 (diff | hist) . . (+1) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check) (current)
- 23:59, 12 November 2018 (diff | hist) . . (+401) . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check: limit to authenticated actions)
- 22:32, 12 November 2018 (diff | hist) . . (+29) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check)
- 22:30, 12 November 2018 (diff | hist) . . (+12) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check)
- 22:29, 12 November 2018 (diff | hist) . . (+80) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check)
- 22:28, 12 November 2018 (diff | hist) . . (+8) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link host argument against the Referer/Origin check)
- 22:27, 12 November 2018 (diff | hist) . . (+1,462) . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link host argument against the Referer/Origin check: new section)
- 00:42, 27 May 2018 (diff | hist) . . (+159) . . m Testing for HTTP Verb Tampering (OTG-INPVAL-003) (recover the link's PDF sub-link) (current)
- 04:06, 7 February 2018 (diff | hist) . . (+2) . . m SQL Injection Prevention Cheat Sheet (→Defense Option 4: Escaping All User-Supplied Input: reflect absence of concrete codecs in the "active" ESAPI)
- 04:04, 7 February 2018 (diff | hist) . . (+25) . . m SQL Injection Prevention Cheat Sheet (→Defense Option 4: Escaping All User-Supplied Input: reflect absence of concrete codecs in the "active" ESAPI)
- 03:51, 7 February 2018 (diff | hist) . . (-94) . . m SQL Injection Prevention Cheat Sheet (→Defense Option 4: Escaping All User-Supplied Input: sync with project moves, use a descriptive style)
- 03:43, 7 February 2018 (diff | hist) . . (-22) . . m SQL Injection Prevention Cheat Sheet (Avoid cross-border injection)
- 12:37, 17 July 2017 (diff | hist) . . (-1,084) . . Talk:Benchmark (Clean up and agree)
- 16:49, 2 June 2017 (diff | hist) . . (+42) . . m Clickjacking Defense Cheat Sheet (→Best-for-now Legacy Browser Frame Breaking Script: bring a backup copy instead of the site failure)
- 13:53, 1 June 2017 (diff | hist) . . (-6) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 19:54, 31 May 2017 (diff | hist) . . (-35) . . Top 10-2017 A7-Cross-Site Scripting (XSS) (Clarify introduction.)
- 19:31, 31 May 2017 (diff | hist) . . (+287) . . Top 10-2017 A7-Cross-Site Scripting (XSS) (Clarify automation challenges.)
- 19:18, 31 May 2017 (diff | hist) . . (+40) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 19:13, 31 May 2017 (diff | hist) . . (-26) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 19:09, 31 May 2017 (diff | hist) . . (-22) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 19:06, 31 May 2017 (diff | hist) . . (+26) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 19:02, 31 May 2017 (diff | hist) . . (+6) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 19:00, 31 May 2017 (diff | hist) . . (0) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 19:00, 31 May 2017 (diff | hist) . . (+231) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 18:54, 31 May 2017 (diff | hist) . . (+505) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 18:40, 31 May 2017 (diff | hist) . . (+72) . . Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.) (Tag: Visual edit: Switched)
- 16:57, 30 May 2017 (diff | hist) . . (+1) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→Origin/Referrer Check doesn't Work When the URL is Entered into the Browser)
- 14:13, 30 May 2017 (diff | hist) . . (+8) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→Origin/Referrer Check doesn't Work When the URL is Entered into the Browser)
- 14:11, 30 May 2017 (diff | hist) . . (+25) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→Origin/Referrer Check doesn't Work When the URL is Entered into the Browser)
- 14:11, 30 May 2017 (diff | hist) . . (+993) . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→Origin/Referrer Check doesn't Work When the URL is Entered into the Browser)
- 20:50, 29 March 2017 (diff | hist) . . (+790) . . N Talk:Mobile Top 10 2016-Top 10 (+screen capture attack) (current)
- 14:34, 28 March 2017 (diff | hist) . . (-15) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→Identifying cross-origin requests)
- 15:02, 27 March 2017 (diff | hist) . . (+445) . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→Identifying cross-origin requests: Clarified)
- 14:53, 20 March 2017 (diff | hist) . . (+259) . . m Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→Double Submit Cookie: +a limitation in the Double Submit Cookie guard)
- 14:49, 20 March 2017 (diff | hist) . . (+253) . . Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→Double Submit Cookie: +a limitation in the Double Submit Cookie guard)
- 18:44, 10 March 2017 (diff | hist) . . (+578) . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (+ Identifying cross-origin requests)
- 17:57, 10 March 2017 (diff | hist) . . (+271) . . m Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→Checking the Origin Header: +no Origin header sent by IE within a trusted zone)
- 17:51, 20 October 2016 (diff | hist) . . (+123) . . m Talk:Benchmark
- 17:49, 20 October 2016 (diff | hist) . . (+1) . . m Talk:Benchmark
- 17:49, 20 October 2016 (diff | hist) . . (+924) . . Talk:Benchmark (→Request headers in XSS attacks: emphasize my doubt in Referer attacks)
- 20:00, 5 August 2016 (diff | hist) . . (-3) . . m Talk:Benchmark (→The meaning of the diagonal: follow the meaning of FPR and TPR instead of attributing misunderstood meanings)
- 01:34, 26 July 2016 (diff | hist) . . (+585) . . Talk:Benchmark (→Request headers in XSS attacks: new section)
- 01:34, 14 July 2016 (diff | hist) . . (-7) . . m Talk:Benchmark
- 01:31, 14 July 2016 (diff | hist) . . (+7) . . m Talk:Benchmark
- 01:28, 14 July 2016 (diff | hist) . . (+28) . . m Talk:Benchmark
- 01:24, 14 July 2016 (diff | hist) . . (0) . . m Talk:Benchmark