CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
## What is missing or needs to be updated? After a casual reading, the Cheat Sheet seems to suggest that even passwords should always be escaped. When this is taken...
## What is missing or needs to be updated? I'm wondering about the title of the chapter "Disallowing **non-**simple requests". In my opinion - and from the context - it...
## What is the proposed Cheat Sheet about? The CS will provide an overview of SSCS, its relevance to developers, and practical guidance on improving the security of SSCs....
## What is missing or needs to be updated? The chapter on .net refers to version 4.5 - nobody should really be using that anymore. It contains references to dotnet_security_unit_testing...
Thank you for submitting a Pull Request (PR) to the Cheat Sheet Series. > :triangular_flag_on_post: If your PR is related to grammar/typo mistakes, please double-check the file for other mistakes...
## What is missing or needs to be updated? The section [Use TLS For All Pages](https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Security_Cheat_Sheet.html#use-tls-for-all-pages) states: > For public facing applications, it may be appropriate to have the web...
Thank you for submitting a Pull Request (PR) to the Cheat Sheet Series. > :triangular_flag_on_post: If your PR is related to grammar/typo mistakes, please double-check the file for other mistakes...
Hi, I've fixed a typo in the Nelmio CORS Bundle configuration file name.
## What is missing or needs to be updated? Some security headers such as `Content-Security-Policy` are (as far as I can tell) relevant on all HTML pages, including error pages....
Thank you for submitting a Pull Request (PR) to the Cheat Sheet Series. > :triangular_flag_on_post: If your PR is related to grammar/typo mistakes, please double-check the file for other mistakes...