Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-16 Thread Dominique Righetto
Andres, About the migration, for the moment, I have an issue (cannot install some dependencies) installing the Threading2 branch on my Windows dev station, so exceptionally (because I think you have a ton of work) you can do the migration... I apologize that I cannot do the migration myself but I don't kn

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-15 Thread Andres Riancho
Dom, On Mon, Oct 15, 2012 at 10:25 AM, Dominique Righetto wrote: > Andres, > > OK. About preflight, I must admit that you are right and so I will keep it > for myself and see if I can meet a real risk scenario during a professional dev > project on which I work Ok! It might be useful in a parti

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-15 Thread Dominique Righetto
Andres, OK. About preflight, I must admit that you are right and so I will keep it for myself and see if I can meet a real risk scenario during a professional dev project on which I work I will start to work soon on a plugin about "Prolonged caching of Preflight Result" according to a suggestion

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-15 Thread Andres Riancho
Dom, On Sun, Oct 14, 2012 at 2:10 PM, Dominique Righetto wrote: > Andres, > > To not block the release process, we can go further and not include the > preflight plugin... Ok, > I have updated the "origin" (not yet pushed into the git repo because I have an issue > installing Python 2.7 w3af dependencie

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-14 Thread Dominique Righetto
Andres, To not block the release process, we can go further and not include the preflight plugin... I have updated the "origin" (not yet pushed into the git repo because I have an issue installing Python 2.7 w3af dependencies on my Windows dev station to test my update on the threading2 branch) to include cor

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-14 Thread Andres Riancho
Dom, On Sun, Oct 14, 2012 at 6:28 AM, Dominique Righetto wrote: > Hi, > > I understand, it's now my turn to find facts and real cases to convince you > that this plugin has its place in W3AF... It's the game and it's a very > interesting part ;o I'm all in for learning why this is a vulnerabi

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-14 Thread Andres Riancho
Dom, On Sun, Oct 14, 2012 at 5:39 AM, Dominique Righetto wrote: > Hi, > > OK, thanks for the review, I have made a comparison between both versions and > no CORS header is missing. > > I have retrieved your version to sync with my working repository. > > Did you make the corresponding update into th

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-14 Thread Dominique Righetto
Hi, I understand, it's now my turn to find facts and real cases to convince you that this plugin has its place in W3AF... It's the game and it's a very interesting part ;o Thanks for review. Cordialement, Best regards, Dominique Righetto dominique.righe...@gmail.com dominique.righe...@owasp.o

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-14 Thread Dominique Righetto
Hi, OK, thanks for the review, I have made a comparison between both versions and no CORS header is missing. I have retrieved your version to sync with my working repository. Did you make the corresponding update into the "inspectOriginHeaderScrutiny" plugin? I ask this because I cannot find it i

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-14 Thread Dominique Righetto
Hi, OK, in fact I am new to this project and so I don't know the official release process, it's for this reason that I asked the question. Now it's clear and it will be easier for me for the next contributions ;o) Cordialement, Best regards, Dominique Righetto dominique.righe...@gmail.co

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-13 Thread Andres Riancho
Dom, After spending a considerable time with inspectRequestPreflight.py [0] and the w3c document on CORS [1], I think that the vulnerability being detected by the plugin: ... msg = 'Application seems to accept the ' + self.test_http_method + ' request type even if an OPTIONS request type has

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-13 Thread Andres Riancho
First commit [0], the corsUtils.py is now in the threading2 branch :) Comments: * Renamed file and location where it ended in the project * Refactoring: there was no need for a class. Now we have functions * Refactoring: creating the HTTP request by concatenating strings is not as nice as creating

Re: [W3af-develop] CORS plugins validation for adding into W3AF SVN repository

2012-10-13 Thread Andres Riancho
Dom, Before the end of the day I'll try to write the unittests and integrate everything with the threading2 branch; that will go out shortly. Closing all the open reviews from the community is my top priority of the week :) Regards, On Sat, Oct 13, 2012 at 10:37 AM, Dominique RIGHETTO wrote