ESAPI: Porting Security Methods to PHP

Mar 16, 2009

Andrew van der Stock from the Open Web Application Security Project (OWASP) is porting Enterprise Security API (ESAPI) methods to PHP.

ESAPI defines security measures which protect web applications from typical attacks, such as cross site scripting and SQL injection. The documentation aims to prevent developers replicating security methods and helps them avoid mistakes.

A reference Java Edition of the OWASP ESAPI toolkit already exists, but Stock is working on a PHP version. In his blog, he reports that the essentials have passed the first set of unit tests in the exceptions class.

Van der Stock is looking for assistance from other PHP developers. His project website can be found at the OWASP wiki.

Related content

  • ESAPI 1.4: Security Methods for the Web

    The Enterprise Security API (ESAPI), a set of documentation focusing on application software security, has released a new version 1.4. Javadocs were updated and old interfaces were replaced.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More