scalereg security review

shawshank-redemption / scalereg

Automatically exported from code.google.com/p/scalereg

Other

0 stars 0 forks source link

scalereg security review #5

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago

Our code was secure through obscurity in the past. It's open source now,
time to make sure it's actually secure.

Off the top of my head:
- cookie handling
- we probably should stop using class TempOrder
- make sure users cannot inject bad data into the db
- make sure everything is escaped, check for XSS

Original issue reported on code.google.com by zhang...@gmail.com on 24 Jun 2009 at 7:40

GoogleCodeExporter commented 8 years ago

Original comment by zhang...@gmail.com on 24 Jun 2009 at 8:25

Added labels: Milestone-8X-Beta1
Removed labels: Milestone-8X

GoogleCodeExporter commented 8 years ago

Original comment by i...@fonz.net on 10 Aug 2009 at 8:40

Added labels: registration, simplecfp