The newest installment of ESAPI4JS (v0.1.3) is now available for download.
http://code.google.com/p/owasp-esapi-js/
As always, comments/thoughts/praise/insults are welcome. Please spread the
word.
And remember! "All your DOM Based XSS are belong to us"
version 0.1.3 (01/23/2010)
General
* More updates to distribution
* Cleaned up subversion repository
* Updated subversion to allow *online* testing
Validation
* Implemented i18n support for error messaging
Logging
* Fixed overwrite bug in Logging configuration
Internationalization
* Created ObjectResourceBundle
* Moved messaging to a external resource file
* Add configuration options to ESAPI Config
HTTPUtils
* Implemented Cookie-Jar Management
* Implemented function to get parameters from a GET request
--
-- Chris
OWASP ESAPI Developer
http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API
Check out OWASP ESAPI for Java
http://code.google.com/p/owasp-esapi-java/
Coming soon OWASP ESAPI for JavaScript
http://code.google.com/p/owasp-esapi-js/
Yet Another Developers Blog
http://yet-another-dev.blogspot.com
_______________________________________________
Secure Coding mailing list (SC-L) [email protected]
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________
