Add links for Java Encoder and Java HTML Sanitizer #184
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
|
@@ -8,6 +8,11 @@ | |||||||||
| within the SAMM [Security Architecture][sammdsa] security practice | ||||||||||
| which in turn is part of the [Design][sammd] business function. | ||||||||||
|
|
||||||||||
| ## Recommended Secure Libraries (OWASP Projects) | ||||||||||
|
|
||||||||||
| - **OWASP Java Encoder** – https://owasp.org/www-project-java-encoder/ | ||||||||||
|
Check failure on line 13 in docs/en/05-implementation/03-secure-libraries/index.md
|
||||||||||
| - **OWASP Java HTML Sanitizer** – https://owasp.org/www-project-java-html-sanitizer/ | ||||||||||
|
Check failure on line 14 in docs/en/05-implementation/03-secure-libraries/index.md
|
||||||||||
|
Comment on lines
+13
to
+14
There was a problem hiding this comment. The documentation uses markdown reference-style links consistently throughout (see lines 23-25 for examples). Direct URLs should be converted to reference-style links following the pattern used elsewhere in the file. For example, define |
||||||||||
|
|
||||||||||
|
Comment on lines
+11
to
+15
There was a problem hiding this comment. This section presents libraries differently from the established pattern in this documentation. Other libraries (ESAPI, CSRFGuard, OSHP) have dedicated pages with detailed sections explaining 'What is it?', 'Why use it?', and 'How to use it?'. Consider either creating dedicated pages for these libraries following the same pattern, or removing this section since these libraries are already mentioned in the ESAPI page (line 27-28 of 01-esapi.md) as alternatives.
Suggested change
|
||||||||||
| ---- | ||||||||||
|
|
||||||||||
| The OWASP Developer Guide is a community effort; if there is something that needs changing | ||||||||||
|
|
||||||||||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The section title 'Recommended Secure Libraries (OWASP Projects)' is ambiguous since all libraries in this section (ESAPI, CSRFGuard, OSHP) are OWASP projects. Consider a more specific title that clarifies this is a quick reference list, or reconsider whether a separate section is needed given that dedicated pages exist for other libraries.