Hello to all,
As I'm going to be writing about zf2 security, I was hoping some of you had some tips for topics. Currently I don't have a lot to go with: - Validators (and more in-dept csrf). - Session validators - Escaping If you have ideas or suggestions, please let me know. Thank you :) Kind regards, Roberto Wesley Overdijk (RWOverdijk) |
- Crypt (Including password hashing) + Timing attacks + Secure algorithms + Salts and more - Typical PHP Security + Uploads
+ Exec + etc... There is likely more but I am tired and my brain is on a bit of shutdown :)
On Mon, Jul 8, 2013 at 10:18 PM, Wesley Overdijk <[hidden email]> wrote: Hello to all, |
In reply to this post by Wesley Overdijk
Hi Wesley,
i forgot to cc zf-contributors :( On Tue, Jul 9, 2013 at 8:31 AM, Enrico Zimuel <[hidden email]> wrote: > Hi Wesley, > > the main components about security in ZF2 are: > Zend\Authentication > Zend\Captcha > Zend\Crypt > Zend\Escaper > Zend\Filter > Zend\InputFilter > Zend\Permissions > Zend\Math > Zend\Validator > > Here you can find some information about Zend\Crypt in ZF2 and the > last new features about ZF2 added in 2.1 version: > https://speakerdeck.com/ezimuel/cryptography-made-easy-with-zend-framework-2 > http://www.zimuel.it/en/zf-2-1-0/ > > Regards, > Enrico Zimuel > > On Tue, Jul 9, 2013 at 7:18 AM, Wesley Overdijk <[hidden email]> wrote: >> Hello to all, >> >> As I'm going to be writing about zf2 security, I was hoping some of you had some tips for topics. Currently I don't have a lot to go with: >> - Validators (and more in-dept csrf). >> - Session validators >> - Escaping >> >> If you have ideas or suggestions, please let me know. Thank you :) >> >> Kind regards, >> >> Roberto Wesley Overdijk (RWOverdijk) > > > > -- > Enrico Zimuel > Senior PHP Engineer | [hidden email] > Zend Framework Team | http://framework.zend.com > Zend Technologies Ltd. > http://www.zend.com -- Enrico Zimuel Senior PHP Engineer | [hidden email] Zend Framework Team | http://framework.zend.com Zend Technologies Ltd. http://www.zend.com |
Hello Enrico,
I was already sending you an email in which I said I thought you'd forgotten to press "reply-all" :D Thanks! That's a very nice list. Should I add Acl to that? Kind regards, Roberto Wesley Overdijk (RWOverdijk) On 9 jul. 2013, at 08:31, Enrico Zimuel <[hidden email]> wrote: > Hi Wesley, > > i forgot to cc zf-contributors :( > > On Tue, Jul 9, 2013 at 8:31 AM, Enrico Zimuel <[hidden email]> wrote: >> Hi Wesley, >> >> the main components about security in ZF2 are: >> Zend\Authentication >> Zend\Captcha >> Zend\Crypt >> Zend\Escaper >> Zend\Filter >> Zend\InputFilter >> Zend\Permissions >> Zend\Math >> Zend\Validator >> >> Here you can find some information about Zend\Crypt in ZF2 and the >> last new features about ZF2 added in 2.1 version: >> https://speakerdeck.com/ezimuel/cryptography-made-easy-with-zend-framework-2 >> http://www.zimuel.it/en/zf-2-1-0/ >> >> Regards, >> Enrico Zimuel >> >> On Tue, Jul 9, 2013 at 7:18 AM, Wesley Overdijk <[hidden email]> wrote: >>> Hello to all, >>> >>> As I'm going to be writing about zf2 security, I was hoping some of you had some tips for topics. Currently I don't have a lot to go with: >>> - Validators (and more in-dept csrf). >>> - Session validators >>> - Escaping >>> >>> If you have ideas or suggestions, please let me know. Thank you :) >>> >>> Kind regards, >>> >>> Roberto Wesley Overdijk (RWOverdijk) >> >> >> >> -- >> Enrico Zimuel >> Senior PHP Engineer | [hidden email] >> Zend Framework Team | http://framework.zend.com >> Zend Technologies Ltd. >> http://www.zend.com > > > > -- > Enrico Zimuel > Senior PHP Engineer | [hidden email] > Zend Framework Team | http://framework.zend.com > Zend Technologies Ltd. > http://www.zend.com |
Sorry, I just noticed that Acl is in Permissions… Never mind my last email.
Kind regards, Roberto Wesley Overdijk (RWOverdijk) On 9 jul. 2013, at 08:34, Wesley Overdijk <[hidden email]> wrote: > Hello Enrico, > > I was already sending you an email in which I said I thought you'd forgotten to press "reply-all" :D > > Thanks! That's a very nice list. Should I add Acl to that? > > Kind regards, > > Roberto Wesley Overdijk (RWOverdijk) > > On 9 jul. 2013, at 08:31, Enrico Zimuel <[hidden email]> wrote: > >> Hi Wesley, >> >> i forgot to cc zf-contributors :( >> >> On Tue, Jul 9, 2013 at 8:31 AM, Enrico Zimuel <[hidden email]> wrote: >>> Hi Wesley, >>> >>> the main components about security in ZF2 are: >>> Zend\Authentication >>> Zend\Captcha >>> Zend\Crypt >>> Zend\Escaper >>> Zend\Filter >>> Zend\InputFilter >>> Zend\Permissions >>> Zend\Math >>> Zend\Validator >>> >>> Here you can find some information about Zend\Crypt in ZF2 and the >>> last new features about ZF2 added in 2.1 version: >>> https://speakerdeck.com/ezimuel/cryptography-made-easy-with-zend-framework-2 >>> http://www.zimuel.it/en/zf-2-1-0/ >>> >>> Regards, >>> Enrico Zimuel >>> >>> On Tue, Jul 9, 2013 at 7:18 AM, Wesley Overdijk <[hidden email]> wrote: >>>> Hello to all, >>>> >>>> As I'm going to be writing about zf2 security, I was hoping some of you had some tips for topics. Currently I don't have a lot to go with: >>>> - Validators (and more in-dept csrf). >>>> - Session validators >>>> - Escaping >>>> >>>> If you have ideas or suggestions, please let me know. Thank you :) >>>> >>>> Kind regards, >>>> >>>> Roberto Wesley Overdijk (RWOverdijk) >>> >>> >>> >>> -- >>> Enrico Zimuel >>> Senior PHP Engineer | [hidden email] >>> Zend Framework Team | http://framework.zend.com >>> Zend Technologies Ltd. >>> http://www.zend.com >> >> >> >> -- >> Enrico Zimuel >> Senior PHP Engineer | [hidden email] >> Zend Framework Team | http://framework.zend.com >> Zend Technologies Ltd. >> http://www.zend.com > |
In reply to this post by Wesley Overdijk
CONTENTS DELETED
The author has deleted this message.
|
I don't have a reply-list button :p
Met vriendelijke groet / Kind regards, Roberto Wesley Overdijk @RWOverdijk M. +31 (0)6 15553243 On 9 jul. 2013, at 13:14, Ben Scholzen 'DASPRiD' <[hidden email]> wrote: On 09.07.2013 08:34, Wesley Overdijk wrote:Hello Enrico,Do not press "reply-all", press "reply-list" ;P |
Free forum by Nabble | Edit this page |