This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Working Sessions XSS Frameworks"

From OWASP
Jump to: navigation, search
 
Line 1: Line 1:
[http://www.owasp.org/index.php/Summit_2011 '''Global Summit 2011 Home Page''']<br> [http://www.owasp.org/index.php/Summit_2011_Schedule '''Global Summit 2011 Schedule''']<br> [http://www.owasp.org/index.php/Summit_2011_Working_Sessions '''Global Summit 2011 Working Sessions''']
+
#REDIRECT [[Summit_2011_Working_Sessions/Session009]]
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(179, 179, 179); color: white;" | <font color="black">'''Working Sessions Operational Rules''' - [[:Working Sessions Methodology|'''Please see here the general frame of rules''']].</font>
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | <font color="white">'''WORKING SESSION IDENTIFICATION'''</font>
 
|-
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Work Session Name'''
 
| align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <font color="black"><span style="font-weight: bold;">XSS and the Frameworks</span></font> <br>
 
|-
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Short Work Session Description'''
 
| align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | Can we work with the common web frameworks to prevent XSS at the framework level?  If the framework a developer uses handles the most common cases of XSS occurring, the overall prevalence of XSS will be reduced significantly.
 
|-
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Related Projects (if any)'''
 
| align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | [http://www.owasp.org/index.php/Working_Sessions_XSS_AwarnessResourcesPartnerships Awareness, Resources and Partnerships]
 
|-
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Email Contacts &amp; Roles'''
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Chair'''<br>[mailto:[email protected] '''Justin Clarke''']
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Secretary'''<br>
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Mailing list'''<br>[http://www.owasp.org/index.php/Summit_2011#tab=How_Do_I_Join.3F_.2F_Mailing_list '''Subscription Page''']
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | <font color="white">'''WORKING SESSION SPECIFICS'''</font>
 
|-
 
| align="center" style="width: 15%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Objectives'''
 
| align="left" colspan="6" style="width: 85%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | <font color="black"></font><font color="black"></font><font color="black"></font><font color="black"></font><font color="black"></font><font color="black"></font><font color="black"></font>
 
# Work on how OWASP can engage with the major web frameworks to move towards a "secure by default" stance
 
# Work on OWASP resources to provide patches/design approaches in conjunction with the frameworks
 
|-
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | '''Venue/Date&amp;Time/Model'''
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Venue'''<br>[http://www.owasp.org/index.php/Summit_2011 OWASP Global Summit Portugal 2011]
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" |
 
'''Date&amp;Time'''
 
 
 
| align="center" style="width: 25%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | '''Discussion Model'''<br>"Participants + Attendees"
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% white; color: white;" | <font color="black"></font> <br>
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | <font color="white">'''WORKING SESSION OPERATIONAL RESOURCES'''</font>
 
|-
 
| align="center" style="width: 100%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" | Projector, whiteboards, markers, Internet connectivity, power
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% white; color: white;" | <font color="black"></font> <br>
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="7" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | <font color="white">'''WORKING SESSION ADDITIONAL DETAILS'''</font>
 
|-
 
| align="left" style="width: 100%; background: none repeat scroll 0% 0% rgb(204, 204, 204);" |
 
*'''Related resources:'''  [[OWASP Working Session - Browser Security Letters]]
 
*'''Frameworks to invite:''' .NET, Struts, Spring, Ruby on Rails
 
 
 
<br>
 
 
 
|}
 
 
 
{| border="0" align="center" style="width: 100%;"
 
|-
 
! align="center" colspan="3" style="background: none repeat scroll 0% 0% rgb(64, 88, 160); color: white;" | '''WORKING SESSION OUTCOMES'''
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(108, 130, 181);" | Statements, Initiatives or Decisions
 
| align="center" style="width: 46%; background: none repeat scroll 0% 0% rgb(179, 179, 179);" | '''Proposed by Working Group'''
 
| align="center" style="width: 47%; background: none repeat scroll 0% 0% rgb(179, 179, 179);" | '''Approved by OWASP Board'''
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 46%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" |
 
| align="center" style="width: 47%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | After the Board Meeting - fill in here.
 
|-
 
| align="center" style="width: 7%; background: none repeat scroll 0% 0% rgb(123, 138, 189);" | <br>
 
| align="center" style="width: 46%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" |
 
| align="center" style="width: 47%; background: none repeat scroll 0% 0% rgb(194, 194, 194);" | After the Board Meeting - fill in here.
 
|}
 
 
 
== Working Session Participants  ==
 
 
 
{{:Template:Summit 2011 Working Sessions Attendee/Columns}}
 
{{:Summit_2011_Attendee/Attendee008 | Summit 2011 Working Sessions Attendee/Rows_Browser_Security}}
 
{{:Summit_2011_Attendee/Attendee052 | Summit 2011 Working Sessions Attendee/Rows_Browser_Security}}
 
 
 
|}
 
<br>
 
[[Category:OWASP_Working_Session]] [[Category:Summit_2011]]
 

Latest revision as of 11:45, 19 December 2010