Comments (17)
Hi,
Thanks you very much for the proposal.
Sound interesting, i'm ok with the proposal but only if the cheat sheet is pragmatic and provide directly useful information to dev team but it's seems to be your objective according to your post.
@ThunderSon @mackowski Your opinion?
from cheatsheetseries.
Hello @garethventon :) This issue has been flagged with Help Wanted. If you feel like doing it, kindly let us know in order to remove the label.
from cheatsheetseries.
@MarcinHoppe No worries I will ping you if we will make some progress here for review :)
@bschach @philippederyck do you want to contribute? We have the skeleton just need to fill the gaps :)
from cheatsheetseries.
Very sorry, will also hardly find time for this in the next weeks :-(
But in the OAuth Security Workshop 2 weeks ago, @andifalk brought up the idea of a cheatsheet again. Maybe he and some others from the community would like to contribute.
from cheatsheetseries.
Good idea!
from cheatsheetseries.
Proposal highly accepted π
Please, use the cheat sheet template to create the CS.
Ping us when you start working on the cheat sheet in order that we update the ticket status in the project plan.
Thanks in advance π
from cheatsheetseries.
Happy to contribute and share some insights I'll likely need some assistance though.
from cheatsheetseries.
We'd be more than happy to assist, or even contact people that can give better assistance. I'll assign it to you. You can hit us up on Slack as you already know us :)
from cheatsheetseries.
Hey @garethventon what is the status on the issue? Do you need any help from us?
from cheatsheetseries.
from cheatsheetseries.
@garethventon Can you share with me the findings? You can find me on Slack π
from cheatsheetseries.
Hello,
As the issue is assigned since many time and we do not have received any PR for this then we send it back to the backlog and we set it as HELP_WANTED.
Thank you very much in advance for your understanding π
from cheatsheetseries.
The latest OAuth security best practice doc is here https://tools.ietf.org/html/draft-ietf-oauth-security-topics-15 if all we do is convert this to a cheatsheet we wim, I can even ask Fett or Lidderstat if they will review it. Anyone?
from cheatsheetseries.
There is draft for this CS: https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets_draft/OAuth_Cheat_Sheet.md.
@MarcinHoppe do you still want to work on this?
from cheatsheetseries.
I'd love to but I am afraid I can't commit to it now. I just don't have the time.
from cheatsheetseries.
Sounds great, but I don't have time right now to work on this.
from cheatsheetseries.
Very old new cheat sheet proposal; I am closing this.
from cheatsheetseries.
Related Issues (20)
- Update: Secure Product Design HOT 5
- Update: User Privacy Protection Cheat Sheet HOT 3
- Update: CSRF - Form tag clarification HOT 1
- Update: DotNet Security Cheat Sheet HOT 5
- Update: CSRF - fix untrue statements HOT 3
- Update: [Cross-Site_Request_Forgery_Prevention_Cheat_Sheet] HOT 3
- Update: Docker Security HOT 1
- Update: Abuse_Case_Cheat_Sheet.md HOT 2
- Update: [XML External Entity Prevention Cheat Sheet] HOT 2
- New CS proposal: Software Supply Chain Security HOT 3
- Update: Cross-Site_Request_Forgery_Prevention_Cheat_Sheet HOT 2
- Update: Error_Handling_Cheat_Sheet HOT 2
- Update: LDAP_Injection_Prevention_Cheat_Sheet HOT 2
- Update: CSRF: Also document `__Secure-` prefix for cookies against double submission attacks HOT 3
- Update: CSRF Broken Markup? HOT 3
- Update: Authentication Cheat Sheet HOT 7
- bug: 404 link: docker icc canonical info is gone. HOT 3
- Update: OAuth2_Cheat_Sheet.md HOT 2
- Update: Cross-Site Request Forgery Prevention Cheat Sheet HOT 1
- Update: [XSS Filter Evasion Cheat Sheet]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cheatsheetseries.