Projects/OWASP Framework Matrix

Revision as of 12:09, 15 September 2013 by Nmatatal (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Note: This page is a template part of the OWASP Framework Security Project. Edit this page here

Framework Security Control Present / Not Present Enabled By Default Link to more info Under Development? Contact Point
Automatic escaping in templates
Prepared statements (including ORM)
Django x-frame-options Present No link n/a n/a
Django SECURE Cookie Flag Present No link n/a n/a
Django HTTPOnly Cookie Flag ? ? [# link] ? ?
Rails Automatic CSRF protection Present Yes link n/a n/a
Offsite redirect detection/prevention
javascript: URIs in links
Error suppression in production environments
Mask sensitive data in logs
Encryption abstractions
Strict transport security
Content security policy