Dom,
I've merged your changes into threading2 [0] and made use of the
high-level function in the xss.py plugin [1]. All looks good :)
Now that you've got the base CSP parsing ready, do you want to
continue and write the grep plugin that reports insecure CSP policies
around it?
[0] https://sourceforge.net/apps/trac/w3af/changeset/6648
[1] https://sourceforge.net/apps/trac/w3af/changeset/6649
Regards,
On Sun, Jan 13, 2013 at 7:43 AM, Dominique RIGHETTO
<[email protected]> wrote:
> Hi,
>
> Function to check if a site is protected against XSS vulns implemented,
> dedicated test cases also implemented.[0]
>
> See commit: a6c06a1fe0f7d6ee8241a7dfe05a7eed96078633 [1]
>
> UT successfully executed against revision "6647" of "Threading2" branch.
>
> [0]
> https://github.com/righettod/w3af-contribs/issues/2#issuecomment-12192049
> [1]
> https://github.com/righettod/w3af-contribs/commit/a6c06a1fe0f7d6ee8241a7dfe05a7eed96078633
>
>
> --
> Cordialement, Best regards,
> Dominique Righetto
> [email protected]
> [email protected]
> Twitter: @righettod
> GPG: 0xC34A4565323D19BA
> http://righettod.github.com
> "No trees were killed to send this message, but a large number of electrons
> were terribly inconvenienced."
--
Andrés Riancho
Project Leader at w3af - http://w3af.org/
Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3
------------------------------------------------------------------------------
Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and
much more. Get web development skills now with LearnDevNow -
350+ hours of step-by-step video tutorials by Microsoft MVPs and experts.
SALE $99.99 this month only -- learn more at:
http://p.sf.net/sfu/learnmore_122812
_______________________________________________
W3af-develop mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-develop
