Scribd Logo
Unggah

Selamat datang di Scribd!

  • Esapi4php Contributing

    Diunggah oleh

    Gil Martins
    17 tayangan2 halaman
    The document provides onboarding instructions for volunteers who want to contribute to porting the ESAPI for Java EE version 1.4 to PHP version 5.2. It outlines 8 steps for volunteers to follow, including subscribing to the project mailing list, getting an assignment from the project manager, checking out the source code from repositories, starting coding, asking any questions on the mailing list, and providing weekly status updates. It also provides information on the approach being taken to port the Java code to PHP on an interface-by-interface basis, and a checklist for volunteers to follow before and after committing code.

    Deskripsi Asli:

    Hak Cipta

    © Attribution Non-Commercial (BY-NC)

    Format Tersedia

    PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini
    The document provides onboarding instructions for volunteers who want to contribute to porting the ESAPI for Java EE version 1.4 to PHP version 5.2. It outlines 8 steps for volunteers to follow, including subscribing to the project mailing list, getting an assignment from the project manager, checking out the source code from repositories, starting coding, asking any questions on the mailing list, and providing weekly status updates. It also provides information on the approach being taken to port the Java code to PHP on an interface-by-interface basis, and a checklist for volunteers to follow before and after committing code.

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    17 tayangan2 halaman

    Esapi4php Contributing

    Diunggah oleh

    Gil Martins
    The document provides onboarding instructions for volunteers who want to contribute to porting the ESAPI for Java EE version 1.4 to PHP version 5.2. It outlines 8 steps for volunteers to follow, including subscribing to the project mailing list, getting an assignment from the project manager, checking out the source code from repositories, starting coding, asking any questions on the mailing list, and providing weekly status updates. It also provides information on the approach being taken to port the Java code to PHP on an interface-by-interface basis, and a checklist for volunteers to follow before and after committing code.

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 2

    Datasheet v1

    GETTINGSTARTEDONTHE ESAPI FOR PHP PROJECT


    OWASPENTERPRISE SECURITYAPI TOOLKIT
    OWASPESAPI Toolkit

    ESAPIforPHPDeveloperOnboarding
    TheESAPIforPHPprojectisalwaysonthelookoutforvolunteerswho areinterestedincontributingdevelopercycles.Rightnow,were lookingforvolunteerstohelpportESAPIforJavaEEversion1.4toPHP version5.2.Hereswhatyoullneedtodo,ifyouareinterested.
    Step1:SubscribetotheESAPIforPHPmaillist ThefirststepistosubscribetotheESAPIforPHP maillist.Thisisadifferentseparatemaillistthan themainESAPImaillist.Youcansubscribetothe ESAPIforPHPmaillisthere. Step2:AskMikeforanassignment ThenextstepistoemailMiketointroduce yourselfandtoaskforanassignment.Mikeis MikeBoberski,theprojectmanagerforESAPIfor PHP.YoucanemailMikehere. Step3:ProvideMikewithyourGoogleAccountID ThenextstepistoemailMikewithyourGoogle Accountname.IfyoudonthaveaGoogle Account,youllneedone.ESAPIforPHPsource codeanddocumentationishostedonGoogle Codehere. Step4:Checkoutthelatestprojectsourcecode ThenextstepistoobtaintheSVNclientofyour choice(suchasTortoiseSVN)andpointitatthe projectrepositoryhere. Step5:CheckouttheESAPIforJavasourcecode ThenextstepistoobtaintheESAPIforJavaEE version1.4baseline,againusingSVN.TheESAPI forJavaEEversion1.4baselineishere. Step6:Startcoding! Thenextstepistogettowork!Thankyouagain forcontributingyourvaluabledevelopercycles, werecognizeandappreciatethevalueofyour time.Moredetailsabouttheapproachthatwere usingcanbefoundontheothersideofthis datasheet. Step7:Emailthelistwithanyquestions Ifindoubt,emailthelistwithanyquestionsor concernsasyouworkonthecode.Pleasebe patientifyoudontgetaresponserightaway.The developmentteamthatisworkingonESAPIfor PHPliterallyspanstheglobe,sodependingon yourlocationandwhomevermayhaveinsightinto aparticularitem,theremaybeadelay. Step8:Emailthelistweeklywithyourstatus Mikesendsoutaprojectstatusemailonceaweek. Anarchiveofweeklystatusemailscanbefound here.PleaseemailtheESAPIforPHPmaillistwith abriefsummaryofwhatyouworkedonduringthe pastweek,whatyouplanonworkingonthenext, andanyissuesorrequestsforassistance.Please trytoemailyourstatusbyCOBThursdayEastern time(MikeislocatedinthegreaterWashington DCarea).

    Didyouknow ThereareJavaEE,.NET, ClassicASP, ColdFusion/CFML,PHP,and Pythonlanguageversions ofESAPIthatareat differentstagesof maturity. TheESAPIforJavaEE versionincludesaWeb ApplicationFirewall(WAF) thatcanbeusedtogive developmentteams breathingroomwhile makingfixes Alllanguageversionsof ESAPIToolkitsarelicensed undertheBSDlicense, whichisverypermissive andaboutasclosetopublic domainasispossible.You canuseormodifyESAPI howeveryouwant,even includeitincommercial products.

    http://www.owasp.org

    RelatedOWASPprojects: Learnaboutthemost commonwebapplication vulnerabilities:OWASPTop Ten Whatsecurityteamswillbe testingforafteryou integrateESAPI:OWASP ApplicationSecurity VerificationStandard (ASVS) Whatyoucandotohelp ensurethatsecurityis beingbuiltin,inthefirst place:OWASPLegalProject Formoreinformation Formoredetailsabout OWASPESAPI,youcanfind theprojectpagehere.

    Herestheapproachthatweretaking toporttheJavacodetoPHP
    TheESAPIforJavaEEisthedesign Basically,weregoinginterfacebyinterface,class byclass,linebylinethroughtheESAPIforJavaEE codeandtranslatingJavalanguageconstructsinto PHPversion5.2statements.Theonlydifferences betweenthecodeshouldbelanguagespecific differences.Incertaininstanceshowever,a solutionthatisuniquetoPHPmayberequired. Forexample,theESAPIforPHPconfigurationfileis anXMLfile,comparedtotheJavaversions propertiesfile. Insuchinstances,pleaseemailthelistwithyour proposalBEFOREcontinuingon.Basically,you needtogetMikesOK,aftermakingsuretofollow anyguidanceortechnicaldirectionprovidedby Andrew.Mikeis,inadditiontomanagingtasking, reviewingcodeandteststoensurequalityand consistency,andtowatchfortheintroductionof anynewdependencies.AndrewisAndrewvan derStock,thetechnicalleadandtheoverall projectlead.YoucanemailAndrewhere.

    Checkthischecklist,beforeyoucheckincode Pleasemakesuretorunthroughthischecklist BEFOREyoucommitcode: Youhavecreatedtestsforyourneworupdated codein/test Youhaverun/test/AllTests.phpandhave verifiedthatyourtestsallrunsuccessfully Youhaverun/test/AllTests.phpandhave verifiedthatyournewcodehasntbrokenany existingcode Youhaveupdatedthephpdoctomatchthe ESAPIforJavaEEjavadoc,andaddedyourselfto theattributions Pleasemakesuretorunthroughthischecklist AFTERyoucommitcode: YouhaveemailedtheESAPIforPHPmaillistto letthemknowwhatcodehasbeencheckedin, andwhatthenewormodifiedcodeisordoes.

    Anda mungkin juga menyukai