Difference between revisions of "Projects/OWASP Framework Matrix"

From OWASP
Jump to: navigation, search
 
Line 31: Line 31:
 
|-
 
|-
 
| || Encryption abstractions || || ||  ||  ||  
 
| || Encryption abstractions || || ||  ||  ||  
|-
 
| || Prepared statement support || || ||  ||  ||
 
 
|-
 
|-
 
| || Strict transport security || || ||  ||  ||  
 
| || Strict transport security || || ||  ||  ||  

Latest revision as of 12:09, 15 September 2013

Note: This page is a template part of the OWASP Framework Security Project. Edit this page here

Framework Security Control Present / Not Present Enabled By Default Link to more info Under Development? Contact Point
Automatic escaping in templates
Prepared statements (including ORM)
Django x-frame-options Present No link n/a n/a
Django SECURE Cookie Flag Present No link n/a n/a
Django HTTPOnly Cookie Flag ? ? [# link] ? ?
Rails Automatic CSRF protection Present Yes link n/a n/a
Offsite redirect detection/prevention
javascript: URIs in links
Error suppression in production environments
Mask sensitive data in logs
Encryption abstractions
Strict transport security
Content security policy