https://wiki.owasp.org/index.php?title=Cornucopia_-_Ecommerce_Website_-_C_6&feed=atom&action=history
Cornucopia - Ecommerce Website - C 6 - Revision history
2024-03-28T12:26:14Z
Revision history for this page on the wiki
MediaWiki 1.27.2
https://wiki.owasp.org/index.php?title=Cornucopia_-_Ecommerce_Website_-_C_6&diff=207219&oldid=prev
Dariodf at 16:30, 21 January 2016
2016-01-21T16:30:18Z
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 16:30, 21 January 2016</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l64" >Line 64:</td>
<td colspan="2" class="diff-lineno">Line 64:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>   </tr></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>   </tr></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></table></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></table></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><div style="padding:5px;background:LightGray;color:White;font-weight:bold;">[[Cornucopia_-_Ecommerce_Website_-_C_5|« Previous Card]] <span style="padding-left:10px;padding-right:10px;">|</span>  [[Cornucopia_-_Ecommerce_Website_-_C|Cornucopia]] <span style="padding-left:10px;padding-right:10px;">|</span> [[Cornucopia_-_Ecommerce_Website_-_C_7|Next Card »]] </div></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div><div style="padding:5px;background:LightGray;color:White;font-weight:bold;">[[Cornucopia_-_Ecommerce_Website_-_C_5|« Previous Card]] <span style="padding-left:10px;padding-right:10px;">|</span>  [[Cornucopia_-_Ecommerce_Website_-_C|Cornucopia]] <span style="padding-left:10px;padding-right:10px;">|</span> [[Cornucopia_-_Ecommerce_Website_-_C_7|Next Card »]] </div></div></td></tr>
</table>
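Review bot: this whitespace-only change at line 64 removes three empty lines after the closing `</table>` but leaves two empty context lines in front of the Previous Card / Next Card navigation div, and the revision entry carries no description of why. If the aim is to tighten the gap between the references table and the navigation bar, state that in the edit summary and settle on one spacing that the neighbouring cards (C 5, C 7) also use, so the suit renders consistently.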
Dariodf
https://wiki.owasp.org/index.php?title=Cornucopia_-_Ecommerce_Website_-_C_6&diff=207150&oldid=prev
Dariodf: Created page with "{{DISPLAYTITLE:<span style="padding:2px 5px 0px 5px;color:white;background:#17365d;">Cornucopia - Ecommerce Website - C 6</span>}} File:Cornucopia_-_Ecommerce_Website_C_6.pn..."
2016-01-21T15:24:46Z
<p><b>New page</b></p><div>{{DISPLAYTITLE:<span style="padding:2px 5px 0px 5px;color:white;background:#17365d;">Cornucopia - Ecommerce Website - C 6</span>}}<br />
[[File:Cornucopia_-_Ecommerce_Website_C_6.png|frame|right]]<br />
'''Suit:''' [[Cornucopia_-_Ecommerce_Website_-_C|Cornucopia]]<br />
<br />
'''Card/Value:''' 6<br />
<br />
=== Description: ===<br />
<br />
Aaron can bypass controls because error/exception handling is missing, or is implemented inconsistently or partially, or does not deny access by default (i.e. errors should terminate access/execution), or relies on handling by some other service or system.<br />
<br />
=== Technical Note: ===<br />
<br />
Ensure all forms of error are handled robustly and consistently (e.g. web server, application server, database server, JavaScript, other interpreters). This encompasses:<br />
* Implement generic error messages and use custom error pages.<br />
* The application should handle application errors and not rely on the server configuration.<br />
* Properly free allocated memory when error conditions occur.<br />
* Error handling logic associated with security controls should deny access by default.<br />
* When exceptions occur, fail securely.<br />
<br />
=== References: ===<br />
<br />
<table class="wikitable" style="text-align:center;"><br />
<tr><br />
<th>OWASP SCP</th><br />
<th>OWASP ASVS</th><br />
<th>OWASP AppSensor</th><br />
<th>CAPEC</th><br />
<th>SAFECODE</th><br />
</tr><br />
<tr><br />
<td>[[OWASP_Secure_Coding_Practices_Checklist#109|109]]</td><br />
<td>[[OWASP_Application_Security_Verification_Standard#8.4|8.4]]</td><br />
<td>-</td><br />
<td>[https://capec.mitre.org/data/definitions/54.html 54]</td><br />
<td>[[SAFECode_Practical_Security_Stories#4|4]]</td><br />
</tr><br />
<tr><br />
<td>[[OWASP_Secure_Coding_Practices_Checklist#110|110]]</td><br />
<td></td><br />
<td></td><br />
<td>[https://capec.mitre.org/data/definitions/98.html 98]</td><br />
<td>[[SAFECode_Practical_Security_Stories#11|11]]</td><br />
</tr><br />
<tr><br />
<td>[[OWASP_Secure_Coding_Practices_Checklist#111|111]]</td><br />
<td></td><br />
<td></td><br />
<td>[https://capec.mitre.org/data/definitions/164.html 164]</td><br />
<td>[[SAFECode_Practical_Security_Stories#23|23]]</td><br />
</tr><br />
<tr><br />
<td>[[OWASP_Secure_Coding_Practices_Checklist#112|112]]</td><br />
<td></td><br />
<td></td><br />
<td></td><br />
<td></td><br />
</tr><br />
<tr><br />
<td>[[OWASP_Secure_Coding_Practices_Checklist#155|155]]</td><br />
<td></td><br />
<td></td><br />
<td></td><br />
<td></td><br />
</tr><br />
</table><br />
<br />
<br />
<br />
<br />
<br />
<div style="padding:5px;background:LightGray;color:White;font-weight:bold;">[[Cornucopia_-_Ecommerce_Website_-_C_5|« Previous Card]] <span style="padding-left:10px;padding-right:10px;">|</span> [[Cornucopia_-_Ecommerce_Website_-_C|Cornucopia]] <span style="padding-left:10px;padding-right:10px;">|</span> [[Cornucopia_-_Ecommerce_Website_-_C_7|Next Card »]] </div></div>
Dariodf