Difference between revisions of "Category:OWASP Learn About Encoding Project"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
[[:Key Project Information:OWASP Learn About Encoding Project|Click here to see (& edit, if wanted) the project's template.]]  
+
{{ ProjectTabs |
{{:Key Project Information:OWASP Learn About Encoding Project}}
+
Proj_About=
 +
[[:Key Project Information:OWASP Learn About Encoding Project|Click here to see (& edit, if wanted) the project's template.]] {{:Key Project Information:OWASP Learn About Encoding Project}}  
  
 +
<br> '''Preamble'''
  
'''Preamble'''
 
----
 
 
Starting with projects such as overtime  
 
Starting with projects such as overtime  
* [[XSS (Cross Site Scripting) Prevention Cheat Sheet]]
 
* [http://code.google.com/p/owasp-esapi-java/source/browse/trunk/src/org/owasp/esapi/codecs/?r=364 ESAPI Codecs and Encoder]
 
  
The "OWASP Learn About Encoding Project" has not discovered anything new, but rather wants to emphasize  
+
*[[XSS (Cross Site Scripting) Prevention Cheat Sheet]]
the importance of input sanitize and output escaping. In the network there are often errors in the visualization  
+
*[http://code.google.com/p/owasp-esapi-java/source/browse/trunk/src/org/owasp/esapi/codecs/?r=364 ESAPI Codecs and Encoder]
of pages: you see question marks (?) where it should be accented letters, there are strange characters (i.e. A+tilde,  
+
 
A+umlauts) where this should be the "euro" character, and so way. Not only that: but there are communication channels  
+
The "OWASP Learn About Encoding Project" has not discovered anything new, but rather wants to emphasize the importance of input sanitize and output escaping. In the network there are often errors in the visualization of pages: you see question marks (?) where it should be accented letters, there are strange characters (i.e. A+tilde, A+umlauts) where this should be the "euro" character, and so way. Not only that: but there are communication channels that allow the exchange of characters not properly controlled: i.e. sms messages, chat messages, voip client, ecc.. often contain values are not consistent.  
that allow the exchange of characters not properly controlled: i.e. sms messages, chat messages, voip client, ecc..  
+
often contain values are not consistent.
+
  
 
The use of proper Charset is essential for  
 
The use of proper Charset is essential for  
* integrity of the data: if we take in input some characters, we want to "see" the same characters in output
 
* the prevention of the problem of Canonicalization: the knowledge of Charsets is the first thing to do
 
  
 +
*integrity of the data: if we take in input some characters, we want to "see" the same characters in output
 +
*the prevention of the problem of Canonicalization: the knowledge of Charsets is the first thing to do
  
'''Goal'''
+
<br> '''Goal'''  
----
+
This is a project that aims to educate developers, systems analysts or anyone who writes code regarding the knowledge
+
of proper use of Charset and Canonicalization. The project will seek to give a comprehensive response by crossing one
+
another most scenarios highlighting the roles of key players (browser, operating system, database, etc. ..).
+
+
To achieve this goal we decided to create a tool in three different formats:
+
  
* web application
+
This is a project that aims to educate developers, systems analysts or anyone who writes code regarding the knowledge of proper use of Charset and Canonicalization. The project will seek to give a comprehensive response by crossing one another most scenarios highlighting the roles of key players (browser, operating system, database, etc. ..).
* swing application
+
* shell tool
+
  
 +
To achieve this goal we decided to create a tool in three different formats:
  
 +
*web application
 +
*swing application
 +
*shell tool
  
 +
<br>
  
'''Roadmap'''
+
|
----
+
Detailed roadmap for future developments:
+
  
01/03/09 : Startup
+
Proj_Documentation=
  
01/03/09 - 15/03/09 : Project Goal Definition
+
<br> '''Why do I have to understand about encoding?'''
 +
<br> '''Why do I have to understand about charset?'''
  
16/03/09 - 31/03/09 : Project Architecture Definition
+
<br> '''Documentation'''
 +
You can find here some wiki documents.
  
01/04/09 - 31/06/09 : Code Development
+
====Roadmap====
  
01/07/09 : Alpha release
+
<br> '''Roadmap'''
  
05/07/09 - 30/07/09 : Bug Fixing
+
----
  
01/08/09 - 30/10/09 : Project Development - enhancement, new features
+
Detailed roadmap for future developments:  
  
01/11/09 : Beta release
+
01/03/09 : Startup
  
02/11/09 - 30/11/09 : Bug Fixing
+
Until July 09 we haven't dedicated time to the porject like we want,
 +
so the project is late, but we want go on.
  
 +
01/03/09 - 31/03/09 : Project idea definition
  
'''News'''
+
01/04/09 - 15/04/09 : Proof of concept
----
+
 
http://blogs.sun.com/CoreJavaTechTips/entry/the_overhaul_of_java_utf
+
16/04/09 - 30/04/09 : Project goal definition
 +
 
 +
01/07/09: Code Development
 +
 
 +
01/12/09 : ''Alpha release''
 +
 
 +
|
 +
Proj_Mail =
 +
<br>
 +
'''A Java security improvement'''
  
 +
http://blogs.sun.com/CoreJavaTechTips/entry/the_overhaul_of_java_utf
  
  
[[Category:OWASP Project|Learn About Encoding Project]]
+
}}
[[Category:OWASP Tool]]
+
''This project licensed under the.
[[Category:OWASP Alpha Quality Tool]]
+
[[Category:OWASP_Project|Learn About Encoding Project]] [[Category:OWASP_Tool]] [[Category:OWASP_Alpha_Quality_Tool]]

Revision as of 16:32, 12 September 2009

About

Click here to see (& edit, if wanted) the project's template.

PROJECT INFORMATION
Project Name OWASP Learn About Encoding Project
Short Project Description

This project has as its ultimate goal of demystifying the problems related to the study of character encoding (charset encoding). From charset's proper use to the issue of canonicalization, we'll try to explain and resolve the problems related to this issue so dear to professionals in the ICT world. The project consist of: a web application that explain the character life cycle and a usable textual tool and GUI tool.

Key Project Information

Project Leader
Federico Casani
Andrea Zonzin

Project Contibutors
(if any)

Mailing List
Subscribe here
Use here

License
Creative Commons Attribution Share Alike 3.0

Project Type
Tool

Sponsors
add link(s)

Release Status Main Links Related Projects

Apha Quality
Please see here for complete information.

Blog if any, add link(s)


Preamble

Starting with projects such as overtime

The "OWASP Learn About Encoding Project" has not discovered anything new, but rather wants to emphasize the importance of input sanitize and output escaping. In the network there are often errors in the visualization of pages: you see question marks (?) where it should be accented letters, there are strange characters (i.e. A+tilde, A+umlauts) where this should be the "euro" character, and so way. Not only that: but there are communication channels that allow the exchange of characters not properly controlled: i.e. sms messages, chat messages, voip client, ecc.. often contain values are not consistent.

The use of proper Charset is essential for

  • integrity of the data: if we take in input some characters, we want to "see" the same characters in output
  • the prevention of the problem of Canonicalization: the knowledge of Charsets is the first thing to do


Goal

This is a project that aims to educate developers, systems analysts or anyone who writes code regarding the knowledge of proper use of Charset and Canonicalization. The project will seek to give a comprehensive response by crossing one another most scenarios highlighting the roles of key players (browser, operating system, database, etc. ..).

To achieve this goal we decided to create a tool in three different formats:

  • web application
  • swing application
  • shell tool


FAQ


Why do I have to understand about encoding?
Why do I have to understand about charset?


Documentation You can find here some wiki documents.

Roadmap


Roadmap


Detailed roadmap for future developments:

01/03/09 : Startup

Until July 09 we haven't dedicated time to the porject like we want, so the project is late, but we want go on.

01/03/09 - 31/03/09 : Project idea definition

01/04/09 - 15/04/09 : Proof of concept

16/04/09 - 30/04/09 : Project goal definition

01/07/09: Code Development

01/12/09 : Alpha release

News


A Java security improvement

http://blogs.sun.com/CoreJavaTechTips/entry/the_overhaul_of_java_utf

Contributors/Users

{{{Proj_Contributors}}}


This project licensed under the.

This category currently contains no pages or media.