This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
User contributions
- 12:50, 14 June 2019 (diff | hist) . . (+9) . . Talk:Benchmark (current)
- 20:35, 13 June 2019 (diff | hist) . . (+9) . . m Talk:Benchmark
- 20:34, 13 June 2019 (diff | hist) . . (+530) . . Talk:Benchmark (the app would have to decode Referer before reflecting it in order to be abused)
- 16:40, 14 November 2018 (diff | hist) . . (+308) . . Talk:Benchmark (+cache poisoning for XSS via unconventional headers)
- 00:00, 13 November 2018 (diff | hist) . . (+1) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check) (current)
- 23:59, 12 November 2018 (diff | hist) . . (+401) . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check: limit to authenticated actions)
- 22:32, 12 November 2018 (diff | hist) . . (+29) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check)
- 22:30, 12 November 2018 (diff | hist) . . (+12) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check)
- 22:29, 12 November 2018 (diff | hist) . . (+80) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link-presenter host with regard to the Referer/Origin check)
- 22:28, 12 November 2018 (diff | hist) . . (+8) . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link host argument against the Referer/Origin check)
- 22:27, 12 November 2018 (diff | hist) . . (+1,462) . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet (→The link host argument against the Referer/Origin check: new section)
- 00:42, 27 May 2018 (diff | hist) . . (+159) . . m Testing for HTTP Verb Tampering (OTG-INPVAL-003) (recover the link's PDF sub-link) (current)
- 04:06, 7 February 2018 (diff | hist) . . (+2) . . m SQL Injection Prevention Cheat Sheet (→Defense Option 4: Escaping All User-Supplied Input: reflect absence of concrete codecs in the "active" ESAPI)
- 04:04, 7 February 2018 (diff | hist) . . (+25) . . m SQL Injection Prevention Cheat Sheet (→Defense Option 4: Escaping All User-Supplied Input: reflect absence of concrete codecs in the "active" ESAPI)
- 03:51, 7 February 2018 (diff | hist) . . (-94) . . m SQL Injection Prevention Cheat Sheet (→Defense Option 4: Escaping All User-Supplied Input: sync with project moves, use a descriptive style)
- 03:43, 7 February 2018 (diff | hist) . . (-22) . . m SQL Injection Prevention Cheat Sheet (Avoid cross-border injection)
- 12:37, 17 July 2017 (diff | hist) . . (-1,084) . . Talk:Benchmark (Clean up and agree)
- 16:49, 2 June 2017 (diff | hist) . . (+42) . . m Clickjacking Defense Cheat Sheet (→Best-for-now Legacy Browser Frame Breaking Script: bring a backup copy instead of the site failure)
- 13:53, 1 June 2017 (diff | hist) . . (-6) . . m Top 10-2017 A7-Cross-Site Scripting (XSS) (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
- 19:54, 31 May 2017 (diff | hist) . . (-35) . . Top 10-2017 A7-Cross-Site Scripting (XSS) (Clarify introduction.)