Security Pitfalls in Stripes Web Applications

Download Now Date Added: May 2009
Format: PDF

The Stripes framework ( is a Java web presentation framework that aims to ease the process of creating Java based web applications, by favouring defaults over verbose configuration and by providing a single backing bean for both properties and methods. This paper covers Stripes version 1.5.1 from It exposes a number of potential security weaknesses that should be included in a comprehensive Web Application Security Assessment, but should not be regarded as a complete methodology for security assessing Stripes based web applications. For a complete methodology consult the OWASP Testing Guide.