A plugin would be a more reliable solution to the problem of detecting web-app
attacks. As was discussed earlier, without access to the request at the
socket-level, we are at a disadvantage. The project as it stands, however, is
intended to be a set of APIs. A plugin can be a long-term goal, or perhaps a
spinoff project.
Nathan
-----Original Message-----
From: owa...@li...
[mailto:owa...@li...]On Behalf
Of Steven J. Sobol
Sent: Wednesday, April 03, 2002 10:35 AM
To: Chr...@ey...
Cc: owa...@li...
Subject: Re: Doh! I screwed up WAS:Re: [Owasp-input-api-developers]
Status?
On Wed, 3 Apr 2002 Chr...@ey... wrote:
> However, when I first heard the description of this project, I imagined
> that the product would be a set of APIs
That's what I figured, myself.
> I was wondering if you all thought there is room in this project for, in
> essence, two products - a web/app server plugin, and a programming API? Of
> course, the web server plugins themselves can and probably will use the
> input-scrubbing API, so it's not like the two products will be completely
> disassociated.
I think this might be a good idea. Of course, I don't really have the
expertise to do the server modules. I can work on the APIs for several
scripting languages.
--
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH 888.480.4NET http://JustThe.net
Need a programmer? Resume going up at http://sourceforge.net/users/webdude216
_______________________________________________
Owasp-input-api-developers mailing list
Owa...@li...
https://lists.sourceforge.net/lists/listinfo/owasp-input-api-developers
|
