OFBiz › OFBiz - Dev

Anyone tried HDIV?

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

2 messages Options

David E Jones-3

Anyone tried HDIV?

I've recently run across this project while looking at browser-based
application vulnerabilities:

http://www.hdiv.org/index.htm

It looks like it is pretty complete in terms of protecting parameters,
etc, etc.

It might take a little bit of work for front-end apps, but for the
form widget and service input processing it should be pretty easy to
incorporate (ie only do it once on the framework level).

I'm just exploring this idea right now. If someone wants to work on
it, please feel free to! In the near future if no one has picked it up
I'll work on it or look around for someone to do it...

-David

Jacques Le Roux

Re: Anyone tried HDIV?

Administrator

Looks great af 1st sight (I read http://www.hdiv.org/docs/hdiv.pdf) !

Jacques

From: "David E Jones" <[hidden email]>

>
> I've recently run across this project while looking at browser-based
> application vulnerabilities:
>
> http://www.hdiv.org/index.htm
>
> It looks like it is pretty complete in terms of protecting parameters,
> etc, etc.
>
> It might take a little bit of work for front-end apps, but for the
> form widget and service input processing it should be pretty easy to
> incorporate (ie only do it once on the framework level).
>
> I'm just exploring this idea right now. If someone wants to work on
> it, please feel free to! In the near future if no one has picked it up
> I'll work on it or look around for someone to do it...
>
> -David
>
>