軟體安全開源開發框架介紹
1. Java Encoder
解決安全問題: XSS注入攻擊
官網參考
https://www.owasp.org/index.php/OWASP_Java_Encoder_Project
https://github.com/OWASP/owasp-java-encoder
https://owasp.github.io/owasp-java-encoder/
https://owasp.github.io/owasp-java-encoder/encoder/apidocs/index.html?index-all.html
2. OWASP Java HTML Sanitizer
解決安全問題: XSS注入攻擊
https://github.com/owasp/java-html-sanitizer
https://github.com/OWASP/java-html-sanitizer/blob/master/docs/getting_started.md
http://javadoc.io/doc/com.googlecode.owasp-java-html-sanitizer/owasp-java-html-sanitizer/20180219.1
https://github.com/OWASP/java-html-sanitizer/tree/master/src/main/java/org/owasp/html/examples
3. OWASP CSRFGuard
https://github.com/aramrami/OWASP-CSRFGuard
CSRFProtector Project
https://www.owasp.org/index.php/CSRFProtector_Project
https://github.com/mebjas/CSRF-Protector-PHP/wiki/How-to-use
https://github.com/mebjas/CSRF-Protector-PHP/wiki
https://github.com/mebjas/mod_csrfprotector
https://github.com/mebjas/CSRF-Protector-PHP
keyczar
https://github.com/google/keyczar
https://github.com/google/keyczar/wiki/
https://github.com/google/keyczar/blob/wiki/keyczar05b.pdf
Bean Validation
http://beanvalidation.org/news/2018/02/26/bean-validation-2-0-whats-in-it/
Fluent Validator
https://github.com/neoremind/fluent-validator
Commons Validator
https://commons.apache.org/proper/commons-validator/apidocs/org/apache/commons/validator/package-summary.html
https://commons.apache.org/proper/commons-validator/
Other sanitizer libraries:
http://htmlpurifier.org/ (PHP)
https://github.com/ecto/bleach (JavaScript / Node)
https://pypi.python.org/pypi/bleach (Python)