We need your volunteerism and subject matter expertise to help us clean up the OWASP wiki. This task is for the intellectual juggernaut, the mentally brave, and those who are willing to dig in when faced with a mountain of outdated and disorganized wiki pages about application security. We appreciate your help on this task a great deal and consider this to be a necessary ongoing effort, not a static endeavor.
- Please start by reading some of the wiki-editors archive http://lists.owasp.org/pipermail/owasp-wiki-editors/ to see our conversations and how our decisions evolved.
- Next, please review the content labeling template intended for labeling content that needs updating or removal. https://www.owasp.org/index.php/Template:TaggedDocument Content that needs updating or removal can be flagged with one of several categories:
- inactiveDraft - draft content that was never finished
- old or partialOld- old content that needs updating
- historical - out of date but archived for historical context
- merge - duplicate content that needs to be merged with another doc
- pls_review - recently updated, requesting review
- delete - recommended for permanent deletion
- (tagged with no attribution) generic tagged for review - unsure whats wrong, but needs someone to look at it
- We also have a "popular" category to label up to date content that still needs frequent review. https://www.owasp.org/index.php/Category:Popular
- As you move forward and work on content, some wiki pages just need to be tagged in some way, some wiki pages will need to REDIRECTED to other more relevant content, some wiki pages content great but incomplete work and will need to be finished or updated in some way.
- Also consider just grinding through the FixME pages - lots of deprecated content here that needs tagging. https://www.owasp.org/index.php/Category:FIXME
- Anther approach is to hit google for different OWASP projects and see what pops up first, and update or deprecate those pages so we can clean up more higher priority items.
- Another approach is to pick a topic (like XSS, or SQL Injection) and search for all pages on those items, and see if anything can be merged. Post anything you find to the owasp-wiki-editors list. Please use the "merge" template label for pages of this kind.
- When you do see duplicate content that needs merging, consider merging into one page and redirect the old page to the new merged page. Redirecting is better than deleting since it preserves search engine points of entry.
- This is still a work in progress, so please any other advice here is appreciated. Join us at https://lists.owasp.org/mailman/listinfo/owasp-wiki-editors !
- What's the problem (describe a few google searches that lead to out of date OWASP wiki pages)
- https://www.google.com/search?q=top+10+owasp+attacks+xss: Shows links to 2013, 2010, and 2007 T10
- https://www.owasp.org/index.php?search=malicious&title=Special%3ASearch: Shows 2007 T10 hits
- What's some good ways to keep an eye on this better moving forward (like tagging popular pages for more careful review)
- Describe the tagging system for legacy, dead or good content content that needs updating, etc...
- Describe a few search mechanisms to find content that needs review and tagging
- Leverage the community to help us update the wiki!