Slide 46
Slide 46 text
OWASP ESAPI(Enterprise Security API)の対応
OWASP Top10 ライブラリ対応
A1 ΠϯδΣΫγϣϯ Encoder, Validator
A2 ೝূͱηογϣϯཧͷෆඋ AuthenCcator, User, HTTPUCls
A3 ΫϩεαΠτεΫϦϓςΟϯά Encoder, Validator
A4 ҆શͰͳ͍ΦϒδΣΫτࢀর AccessReferenceMap
A5 ηΩϡϦςΟઃఆͷϛε -
A6 ػີσʔλͷ࿐ग़ Encryptor
A7 ػೳϨϕϧΞΫηε੍ޚͷܽམ AccessController
A8 ΫϩεαΠτϦΫΤετϑΥʔ
δΣϦ
User(csrsoken)
A9 طͷ੬ऑੑΛ࣋ͭίϯϙʔωϯ
τͷ༻
-
A10 ະݕূͷϦμΠϨΫτͱϑΥʔ
ϫʔυ
AccessController
46
OWASP ESAPI
hKps://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API