ESAPI: Porting Security Methods to PHP

Mar 16, 2009

Andrew van der Stock from the Open Web Application Security Project (OWASP) is porting Enterprise Security API (ESAPI) methods to PHP.

ESAPI defines security measures that protect web applications from typical attacks, such as cross-site scripting and SQL injection. The documentation aims to prevent developers from replicating security methods and helps them avoid mistakes.

A reference Java Edition of the OWASP ESAPI toolkit already exists, but van der Stock is working on a PHP version. In his blog, he reports that the essentials have passed the first set of unit tests in the exceptions class.

Van der Stock is looking for assistance from other PHP developers. His project website can be found at the OWASP wiki.

Related content

  • ESAPI 1.4: Security Methods for the Web

    The Enterprise Security API (ESAPI), a set of documentation focusing on application software security, has released a new version 1.4. Javadocs were updated and old interfaces were replaced.
