click_jacking.py in threading2 On Fri, Jan 18, 2013 at 4:36 PM, Dominique Righetto <dominique.righe...@gmail.com> wrote: > Hi Andres, > > For sure, which existing Grep plugin can I use as template ? > > Thanks in advance. > -- > Cordialement, Best regards, > Dominique Righetto > dominique.righe...@gmail.com > dominique.righe...@owasp.org > Twitter: @righettod > GPG: 0x323D19BA > > http://righettod.github.com > "No trees were killed to send this message, but a large number of electrons > were terribly inconvenienced." > > > On Fri, Jan 18, 2013 at 2:16 PM, Andres Riancho <andres.rian...@gmail.com> > wrote: >> >> Dom, >> >> I've merged your changes into threading2 [0] and made use of the >> high-level function in the xss.py plugin [1]. All looks good :) >> >> Now that you've got the base CSP parsing ready, do you want to >> continue and write the grep plugin that reports insecure CSP policies >> around it? >> >> [0] https://sourceforge.net/apps/trac/w3af/changeset/6648 >> [1] https://sourceforge.net/apps/trac/w3af/changeset/6649 >> >> Regards, >> >> On Sun, Jan 13, 2013 at 7:43 AM, Dominique RIGHETTO >> <dominique.righe...@gmail.com> wrote: >> > Hi, >> > >> > Function to check if a site is protected against XSS vulns implemented, >> > dedicated test cases also implemented.[0] >> > >> > See commit: a6c06a1fe0f7d6ee8241a7dfe05a7eed96078633 [1] >> > >> > UT successfully executed against revision "6647" of "Threading2" branch. >> > >> > [0] >> > >> > https://github.com/righettod/w3af-contribs/issues/2#issuecomment-12192049 >> > [1] >> > >> > https://github.com/righettod/w3af-contribs/commit/a6c06a1fe0f7d6ee8241a7dfe05a7eed96078633 >> > >> > >> > -- >> > Cordialement, Best regards, >> > Dominique Righetto >> > dominique.righe...@gmail.com >> > dominique.righe...@owasp.org >> > Twitter: @righettod >> > GPG: 0xC34A4565323D19BA >> > http://righettod.github.com >> > "No trees were killed to send this message, but a large number of >> > electrons >> > were terribly inconvenienced." >> >> >> >> -- >> Andrés Riancho >> Project Leader at w3af - http://w3af.org/ >> Web Application Attack and Audit Framework >> Twitter: @w3af >> GPG: 0x93C344F3 > >
-- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 ------------------------------------------------------------------------------ Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and much more. Get web development skills now with LearnDevNow - 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122812 _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
