ESAPI API

De OWASP
Saltar a: navegación, buscar


This page has been recommended for deletion.
You can help OWASP by improving it or discussing it on its Talk page. See FixME
Comment: Tagged via Template:Delete


marked for delete as per message of the ESAPI co-project lead: http://lists.owasp.org/pipermail/esapi-dev/2015-December/002595.html


Possible Enhancements

  • Make ESAPI factory class (i.e. ESAPI.java) data driven so that you don't have to change code to select your company's implementation of the ESAPI interfaces
  • Move "admin" like functions to a separate API to keep the base API very simple
  • Create a command line interface to facilitate integration with other environments
  • Make ESAPI configs work on either a "per-app" or "global" basis. Probably use a global set that can be overridden by individual applications.


Two strawman ideas on how the API can be designed and some of the implications to start a discussion. File:API Design.docx