= The Owasp ESAPI Ruby project

== Introduction

The Owasp ESAPI Ruby is a port of the outstanding, release-quality Owasp ESAPI
project to the Ruby programming language.

Ruby is now a famous programming language thanks to its Rails framework, developed by David Heinemeier Hansson (http://twitter.com/dhh), which simplifies the creation of web applications by using a convention-over-configuration approach to make programmers' lives easier.

Despite the diffusion of Rails, there are a lot of web frameworks out there that allow people to write web apps in Ruby (merb, sinatra, vintage) [http://accidentaltechnologist.com/ruby/10-alternative-ruby-web-frameworks/]. Owasp Esapi Ruby wants to bring all Ruby developers a gem full of secure APIs they can use whatever framework they choose.

https://secure.travis-ci.org/thesp0nge/owasp-esapi-ruby.png

== Why support only Ruby 1.9.2 and beyond?

The OWASP Esapi Ruby gem will require at least version 1.9.2 of the Ruby interpreter, to take full advantage of the newer language APIs.

In particular, version 1.9.2 introduces radical changes in the following areas:

=== Regular expression engine
(to be written)

=== UTF-8 support
Unicode support in 1.9.2 is much better and provides better support for character set encoding/decoding:
* All strings have an additional chunk of info attached: Encoding
* String#size takes encoding into account – returns the encoded character count
* You can get the raw data size
* Indexed access is by encoded data – characters, not bytes
* You can change encoding by force but it doesn’t convert the data

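The behaviours listed above matter when untrusted input is validated. The following is an added example, not code from the owasp-esapi-ruby gem; the helper names describe, to_utf8 and latin1_to_utf8 and the sample byte strings are assumptions made for illustration.

```ruby
# encoding: utf-8
# Added example; describe, to_utf8 and latin1_to_utf8 are hypothetical helpers.

# Summarise the per-string facts from the list above.
def describe(str)
  {
    encoding: str.encoding.name,   # every String carries an Encoding
    chars:    str.size,            # character count under that encoding
    bytes:    str.bytesize,        # raw data size
    first:    str[0],              # indexing returns a character, not a byte
    valid:    str.valid_encoding?  # do the bytes form legal sequences?
  }
end

# Accept untrusted bytes as UTF-8 only if they are already well-formed UTF-8.
# force_encoding relabels the bytes without converting them, so the result
# must be checked with valid_encoding? before any validator looks at it.
def to_utf8(raw)
  candidate = raw.dup.force_encoding(Encoding::UTF_8)
  raise ArgumentError, "invalid UTF-8 input" unless candidate.valid_encoding?
  candidate
end

# Real conversion: declare what the bytes are, then transcode with encode.
def latin1_to_utf8(raw)
  raw.dup.force_encoding(Encoding::ISO_8859_1).encode(Encoding::UTF_8)
end

# Constructed sample inputs, held as raw bytes as they would arrive off a socket.
UTF8_BYTES   = "caf\xC3\xA9".dup.force_encoding(Encoding::BINARY) # "café" in UTF-8
LATIN1_BYTES = "caf\xE9".dup.force_encoding(Encoding::BINARY)     # "café" in ISO-8859-1

if __FILE__ == $PROGRAM_NAME
  p describe(UTF8_BYTES)                    # binary label: size equals bytesize
  p describe(to_utf8(UTF8_BYTES))           # UTF-8 label: fewer chars than bytes
  p describe(LATIN1_BYTES.dup.force_encoding(Encoding::UTF_8)) # relabelled only
  p describe(latin1_to_utf8(LATIN1_BYTES))  # converted: valid UTF-8
  begin
    to_utf8(LATIN1_BYTES)
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```
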
=== Dates and Time
From "Programming Ruby 1.9"

"As of Ruby 1.9.2, the range of dates that can be represented is no longer limited by the underlying operating system’s time representation (so there’s no year 2038 problem). As a result, the year passed to the methods gm, local, new, mktime, and utc must now include the century—a year of 90 now represents 90 and not 1990."

== Roadmap

Please see ChangeLog file.

== Note on Patches/Pull Requests

* Fork the project.
* Create documentation with rake yard task
* Make your feature addition or bug fix.
* Add tests for it. This is important so I don't break it in a
  future version unintentionally.
* Commit, do not mess with rakefile, version, or history.
  (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
* Send me a pull request. Bonus points for topic branches.

== Copyright

Copyright (c) 2011 the OWASP Foundation. See LICENSE for details.