Two free Java EE filters for CSRF, Reflected XSS, and Adobe XSS''' |+|
| || |
|−|OWASP contributors from '''[ http: //www. aspectsecurity.com Aspect Security] ''' have developed two new Java EE filters to protect against common web attacks. Just add a few lines to your web.xml file and enjoy the protection. |+|
| || |
|−|; '''[[ CSRF Guard| CSRF and Reflected XSS Filter for Java EE]] |+|
[[|]] This and from [].
|−|: This filter adds a random token to forms and URLs that prevent an attacker from executing both [[ CSRF]] and reflected [[XSS]] attacks. | |
| || |
|−|; '''[[ PDF Attack Filter for Java EE| Adobe XSS Filter for Java EE]] |+|
[[|]] the .
|−|: This filter protects against the recent XSS attacks on PDF files. By using a redirect and an encrypted token, this filter ensures that dangerous attacks are not passed into the Adobe reader plugin. |+|
are not the .
Revision as of 14:03, 16 March 2007
OWASP Spring Of Code Awarding $110,000 in Grants - Apply NOW
Last Fall, the OWASP Foundation gave $35,000 in grants to worthy application security projects. This Spring, we're using current membership fees and profits from past conferences to fund a bigger round of projects.
As a special offer, 100% of all membership fees collected during the Spring of Code application period will be added to the total Spring of Code dollar amount awarded.
All applications are due by March 14th. The OWASP Spring of Code is not connected to the Google Summer of Code.