Security

Security Pitfalls in Stripes Web Applications

Download Now Free registration required

Executive Summary

The Stripes framework (www.stripesframework.org) is a Java web presentation framework that aims to ease the process of creating Java based web applications, by favouring defaults over verbose configuration and by providing a single backing bean for both properties and methods. This paper covers Stripes version 1.5.1 from www.stripesframework.org. It exposes a number of potential security weaknesses that should be included in a comprehensive Web Application Security Assessment, but should not be regarded as a complete methodology for security assessing Stripes based web applications. For a complete methodology consult the OWASP Testing Guide.

  • Format: PDF
  • Size: 183.45 KB