search

OWASP / OWASP-VWAD

The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
https://owasp.org/www-project-vulnerable-web-applications-directory/
Apache License 2.0
862 stars 219 forks source link

JSON format change of "References" String into Array #40

Closed bkimminich closed 6 years ago

bkimminich commented 6 years ago

Would anyone mind if I change the References property to an Array?

My proposal is to change

"References": "https://github.com/bkimminich/juice-shop https://hub.docker.com/r/bkimminich/juice-shop/ https://www.gitbook.com/book/bkimminich/pwning-owasp-juice-shop"

into

"References": [
  "https://github.com/bkimminich/juice-shop",
  "https://hub.docker.com/r/bkimminich/juice-shop/",
  "https://www.gitbook.com/book/bkimminich/pwning-owasp-juice-shop"
]

Furthermore, right now JSON would suffer from information loss compared with the TSV format, as it does not have the link labels at the moment. So, we might go one step further and make it

"References": [
  {"Name": "download", "URL": "https://github.com/bkimminich/juice-shop"},
  {"Name": "docker", "URL": "https://hub.docker.com/r/bkimminich/juice-shop/"},
  {"Name": "guide", "URL": "https://www.gitbook.com/book/bkimminich/pwning-owasp-juice-shop"}
]
raulsiles commented 6 years ago

Hi Björn, Definitely, go for it. I think the best option would be your last proposal, not to loose the context/label for each link.

Thanks!

Raul

On 11 Nov 2017, at 00:12, Björn Kimminich notifications@github.com wrote:

Would anyone mind if I change the References property to an Array?

My proposal is to change

"References": "https://github.com/bkimminich/juice-shop https://hub.docker.com/r/bkimminich/juice-shop/ https://www.gitbook.com/book/bkimminich/pwning-owasp-juice-shop"

into

"References": [ "https://github.com/bkimminich/juice-shop", "https://hub.docker.com/r/bkimminich/juice-shop/", "https://www.gitbook.com/book/bkimminich/pwning-owasp-juice-shop" ]

Furthermore, right now JSON would suffer from information loss compared with the TSV format, as it does not have the link labels at the moment. So, we might go one step further and make it

"References": [ {"Name": "download", "URL": "https://github.com/bkimminich/juice-shop"}, {"Name": "docker", "URL": "https://hub.docker.com/r/bkimminich/juice-shop/"}, {"Name": "guide", "URL": "https://www.gitbook.com/book/bkimminich/pwning-owasp-juice-shop"} ]

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

psiinon commented 6 years ago

+1

bkimminich commented 6 years ago

I would also recommend to go for lower case in the property names. Starting with capital letter looks weird in JSON.

raulsiles commented 6 years ago

+1

On 13 Nov 2017, at 13:50, Björn Kimminich notifications@github.com wrote:

I would also recommend to go for lower case in the property names. Starting with capital letter looks weird in JSON.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

kingthorin commented 6 years ago

+1

kingthorin commented 6 years ago

I might try to tackle at least part of this over lunch sometime soon. I’m leaning toward your second example.