Roel Storms
I discovered this issue during a pentest where a large JS file is downloaded from the server (length 2885688 bytes). I noticed that the browser kept waiting for a response....
Is it useful to add a section on prototype pollution (not to be confused with HTTP parameter pollution)? This vulnerability is a couple of years old but I can't find...
[9.2.1](https://github.com/OWASP/ASVS/blob/master/4.0/en/0x17-V9-Communications.md#v92-server-communications-security-requirements) states the following:

> Verify that connections to and from the server use trusted TLS certificates. Where internally generated or self-signed certificates are used, the server must be configured...

I have a class Role as follows (following your example in the docs):
```
class Role(Base, RoleMixin):
    id = Column(Integer, primary_key=True)
    name = Column(String(20))
    parents = relationship(
        'Role',
        secondary=roles_parents,
        primaryjoin=(id...
```
In Cookies.java the set(String name, String Value, AttributesDefinition attributes); will set the cookie using setCookie(String cookieValue, HttpServletResponse response); which will use the 'Set-Cookie' header. This is for the use case when...