ESAPI: Porting Security Methods to PHP

Mar 16, 2009

Andrew van der Stock from the Open Web Application Security Project (OWASP) is porting Enterprise Security API (ESAPI) methods to PHP.

ESAPI defines security measures which protect web applications from typical attacks, such as cross site scripting and SQL injection. The documentation aims to prevent developers replicating security methods and helps them avoid mistakes.

A reference Java Edition of the OWASP ESAPI toolkit already exists, but Stock is working on a PHP version. In his blog, he reports that the essentials have passed the first set of unit tests in the exceptions class.

Van der Stock is looking for assistance from other PHP developers. His project website can be found at the OWASP wiki.

Related content

comments powered by Disqus

Issue 163/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News