This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Client Side Testing"

From OWASP
Jump to: navigation, search
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
{{Template:OWASP Testing Guide v4}}
 
{{Template:OWASP Testing Guide v4}}
  
''' 4.15 Client-Side Testing '''
+
''' 4.12 Client-Side Testing '''
 
----
 
----
  
Client-Side Testing
+
Client-Side testing is concerned with the execution of code on the client, typically natively within a web browser or browser plugin. The execution of code on the client-side is distinct from executing on the server and returning the subsequent content.
  
The following articles describe details on how to conduct a Client-Side test:
+
The following articles describe how to conduct a Client-Side test of a web application:
  
[[Testing for DOM-based Cross site scripting  (OWASP-DV-003)|4.15.1 Testing for DOM based Cross Site Scripting  (OTG-CLIENT-001)]]
 
  
[[Testing for JavaScript Execution|4.15.2 Testing for JavaScript Execution (OWASP-CS-002)]]  
+
[[Testing for DOM-based Cross site scripting  (OTG-CLIENT-001)|4.12.1 Testing for DOM based Cross Site Scripting  (OTG-CLIENT-001)]]
  
[[Testing for HTML Injection|4.15.3 Testing for HTML Injection (OWASP-CS-003)]]  
+
[[Testing for JavaScript Execution (OTG-CLIENT-002)|4.12.2 Testing for JavaScript Execution (OTG-CLIENT-002)]]  
  
[[Testing for Client Side URL Redirect|4.15.4 Testing for Client Side URL Redirect (OWASP-CS-004)]]  
+
[[Testing for HTML Injection (OTG-CLIENT-003)|4.12.3 Testing for HTML Injection (OTG-CLIENT-003)]]  
  
[[Testing_for_CSS_Injection|4.15.5 Testing for CSS Injection (OWASP-CS-005)]]  
+
[[Testing for Client Side URL Redirect (OTG-CLIENT-004)|4.12.4 Testing for Client Side URL Redirect (OTG-CLIENT-004)]]  
  
[[Testing_for_Client_Side_Resource_Manipulation|4.15.6 Testing for Client Side Resource Manipulation (OWASP-CS-006)]]  
+
[[Testing_for_CSS_Injection (OTG-CLIENT-005)|4.12.5 Testing for CSS Injection (OTG-CLIENT-005)]]  
  
[[Test Cross Origin Resource Sharing (OTG-CLIENT-002)|4.15.7 Test Cross Origin Resource Sharing (OTG-CLIENT-007)]] formerly "Testing for HTML5 (OWASP CS-002)"
+
[[Testing_for_Client_Side_Resource_Manipulation (OTG-CLIENT-006)|4.12.6 Testing for Client Side Resource Manipulation (OTG-CLIENT-006)]]  
  
[[Testing for Cross site flashing (OWASP-DV-004)|4.15.8 Testing for Cross Site Flashing  (OTG-CLIENT-008)]] formerly "Testing for Cross Site Flashing (OWASP-CS-003)"
+
[[Test Cross Origin Resource Sharing (OTG-CLIENT-007)|4.12.7 Test Cross Origin Resource Sharing (OTG-CLIENT-007)]]  
  
[[Testing for Clickjacking (OWASP-CS-004)|4.15.9 Testing for Clickjacking (OTG-CLIENT-009)]] formerly "Testing for Clickjacking (OWASP-CS-004)"
+
[[Testing for Cross site flashing (OTG-CLIENT-008)|4.12.8 Testing for Cross Site Flashing (OTG-CLIENT-008)]]  
  
[[Testing WebSockets (OTG-CLIENT-005)|4.15.10 Testing WebSockets (OTG-CLIENT-010)]]  
+
[[Testing for Clickjacking (OTG-CLIENT-009)|4.12.9 Testing for Clickjacking (OTG-CLIENT-009)]]  
  
[[Test Web Messaging (OTG-CLIENT-006)|4.15.11 Test Web Messaging (OTG-CLIENT-011)]]  
+
[[Testing WebSockets (OTG-CLIENT-010)|4.12.10 Testing WebSockets (OTG-CLIENT-010)]]  
  
[[Test Local Storage (OTG-CLIENT-007)|4.15.12 Test Local Storage (OTG-CLIENT-012)]]
+
[[Test Web Messaging (OTG-CLIENT-011)|4.12.11 Test Web Messaging (OTG-CLIENT-011)]]
 +
 
 +
[[Test Local Storage (OTG-CLIENT-012)|4.12.12 Test Local Storage (OTG-CLIENT-012)]]

Latest revision as of 12:25, 5 August 2014

This article is part of the new OWASP Testing Guide v4.
Back to the OWASP Testing Guide v4 ToC: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents Back to the OWASP Testing Guide Project: https://www.owasp.org/index.php/OWASP_Testing_Project


4.12 Client-Side Testing


Client-Side testing is concerned with the execution of code on the client, typically natively within a web browser or browser plugin. The execution of code on the client-side is distinct from executing on the server and returning the subsequent content.

The following articles describe how to conduct a Client-Side test of a web application:


4.12.1 Testing for DOM based Cross Site Scripting (OTG-CLIENT-001)

4.12.2 Testing for JavaScript Execution (OTG-CLIENT-002)

4.12.3 Testing for HTML Injection (OTG-CLIENT-003)

4.12.4 Testing for Client Side URL Redirect (OTG-CLIENT-004)

4.12.5 Testing for CSS Injection (OTG-CLIENT-005)

4.12.6 Testing for Client Side Resource Manipulation (OTG-CLIENT-006)

4.12.7 Test Cross Origin Resource Sharing (OTG-CLIENT-007)

4.12.8 Testing for Cross Site Flashing (OTG-CLIENT-008)

4.12.9 Testing for Clickjacking (OTG-CLIENT-009)

4.12.10 Testing WebSockets (OTG-CLIENT-010)

4.12.11 Test Web Messaging (OTG-CLIENT-011)

4.12.12 Test Local Storage (OTG-CLIENT-012)