Re: [W3af-develop] [W3af-svn-notify] SF.net SVN: w3af:[3537] trunk/plugins/grep/formAutocomplete.py

Fri, 10 Sep 2010 16:27:55 -0700 

Javier,

    Congrats on your first plugin! :) I have a couple of questions and
comments about the code:

- I don't know much about xpath, could you explain these lines?
AUTOCOMPLETE_FORMS_XPATH = "//form[not(@autocomplete) or @autocomplete='on']"
PWD_INPUT_XPATH = "//input[translate(@type,'PASWORD','pasword')='password']"

Maybe it would be good if you could add a comment there?

- In PWD_INPUT_XPATH, were you trying to say 'PASSWORD' and 'password' ?

- I'm not sure about this because I haven't tested it, but I think
that the description should be in one line.
            Grep every page for detection of forms with 'autocomplete' 
capabilities
            containing password-type inputs.

    All in all... GREAT work !

Regards,

On Fri, Sep 10, 2010 at 6:39 PM,  <javieranda...@users.sourceforge.net> wrote:
> Revision: 3537
>          http://w3af.svn.sourceforge.net/w3af/?rev=3537&view=rev
> Author:   javierandalia
> Date:     2010-09-10 21:39:20 +0000 (Fri, 10 Sep 2010)
>
> Log Message:
> -----------
> New grep plugin
>
> Added Paths:
> -----------
>    trunk/plugins/grep/formAutocomplete.py
>
>
> This was sent by the SourceForge.net collaborative development platform, the 
> world's largest Open Source development site.
>
> ------------------------------------------------------------------------------
> Start uncovering the many advantages of virtual appliances
> and start using them to simplify application deployment and
> accelerate your shift to cloud computing
> http://p.sf.net/sfu/novell-sfdev2dev
> _______________________________________________
> W3af-svn-notify mailing list
> w3af-svn-not...@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-svn-notify
>



-- 
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/

------------------------------------------------------------------------------
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing
http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop

Reply via email to