Difference between revisions of "Category:OWASP Validation Project"

Jump to: navigation, search
Line 20: Line 20:
[[WebGoat Parameter Parser]]
[[WebGoat Parameter Parser]]
[[OWASP Validation Project Roadmap]]
=News and Status=
=News and Status=

Revision as of 14:19, 25 May 2006

Most web application platforms do not include features to validate user input. This leaves many organizations to craft their own validation mechanisms, often incomplete, flawed, and inefficient.

The OWASP Validation Project was created to provide guidance and tools related to validation. Our philosophy is that validation is required for every part of the HTTP request, including headers, querystring, cookies, form fields, and hidden fields.

Currently, there are several projects underway to create validation technologies for various technologies. Long term, the project plan is to isolate the validation rules from the engine that implements them, and to provide validation engines for the popular web application environments.


The Stinger library is a full HTTP validation engine. It can be used as a library or as a J2EE filter. The full details are on the OWASP Stinger Project page.


OWASP has started a repository for useful regular expressions. These expressions are an extremely powerful way to represent a complex set of validation rules. For example, ^/d[5]$ means to match a string of five digits exactly. For details, please see the OWASP Validation Regex Repository


PHP Filter


WebGoat Parameter Parser


OWASP Validation Project Roadmap

News and Status

 Wed Nov 17 15:27:39 EST 2004
 The validation project was started to pull together a number of validation related articles, tools, and techniques for a variety of technologies under one umbrella.
 The validation project is run by the OWASP Germany Chapter. The project leader and coordinator is Ali Mabrouk.

Feedback and Participation

We hope you find the Validation project useful. Please contribute back to the project by sending your comments, questions, and suggestions to the Validation mailing list. Thanks!

To join the OWASP Validation mailing list or view the archives, please visit the subscription page.


This category has the following 2 subcategories, out of 2 total.


Media in category "OWASP Validation Project"

This category contains only the following file.