1 | OWASP ESAPI for C++ package and its dependencies
|
---|
2 | -------------------------------------------------------
|
---|
3 | Used to ensure cgiargs that go into the webpage are safe.
|
---|
4 | See https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
|
---|
5 |
|
---|
6 |
|
---|
7 | OWASP ESAPI FOR C++
|
---|
8 | -------------------------------------------------------
|
---|
9 | The site is:
|
---|
10 | http://owasp-esapi-cplusplus.googlecode.com/svn/trunk/doc/html/index.html
|
---|
11 |
|
---|
12 | The code is from the 3 Mar 2014 svn checkout:
|
---|
13 | svn checkout https://owasp-esapi-cplusplus.googlecode.com/svn/trunk/ owasp-esapi-cpp
|
---|
14 |
|
---|
15 | A slight modification has been made to the package's GNUmakefile: the 2 references to -Wtrampolines have been commented out
|
---|
16 |
|
---|
17 |
|
---|
18 | COMPILATION
|
---|
19 | ----------------------------
|
---|
20 |
|
---|
21 | ./CASCADE-MAKE.sh
|
---|
22 |
|
---|
23 |
|
---|
24 | To compile up the test/TestMainWin32 binary:
|
---|
25 | runtime-src/packages/security/owasp-esapi-cpp/test>g++ -std=gnu++0x -DDEBUG -O0 -g3 -ggdb TestMainWin32.cpp -o TestMain.exe -I../esapi -I../.. -I../../echoprint-svn/linux/include -L ../lib -lesapi-c++
|
---|
26 |
|
---|
27 | Note that in the example above, the -std=gnu++0x used with gnu compilers (try -std=c++0x on other systems like VisC++) turns on experimental features of the c++ language. If this is undesirable, edit the owasp-for-cpp/esapi/EsapiCommon.h:
|
---|
28 |
|
---|
29 | //# include <memory>
|
---|
30 | //# include <unordered_map>
|
---|
31 | //using std::shared_ptr;
|
---|
32 | //using std::unordered_map;
|
---|
33 | # include <boost/shared_ptr.hpp>
|
---|
34 | # include <boost/unordered_map.hpp>
|
---|
35 | using boost::shared_ptr;
|
---|
36 | using boost::unordered_map;
|
---|
37 |
|
---|
38 |
|
---|
39 | The above uses the include files for unordered_map and shared_ptr from boost instead.
|
---|
40 |
|
---|
41 |
|
---|
42 |
|
---|
43 | OWASP-ESAPI-FOR-C++'s DEPENDENCIES
|
---|
44 | -------------------------------------
|
---|
45 | OWASP-ESAPI for C++ depends on the following:
|
---|
46 | - cryptopp
|
---|
47 | - Boost
|
---|
48 | - the safeint/Safe Integer header file, SafeInt3.hpp
|
---|
49 |
|
---|
50 | Compiling up Boost requires the following dependencies in the given order:
|
---|
51 | - zlib, bzip2, curl, cmake
|
---|
52 |
|
---|
53 | Boost compilation steps were taken from the echoprint gs2-extension
|
---|
54 | http://trac.greenstone.org/browser/gs2-extensions/echoprint/trunk/src?rev=head
|
---|
55 |
|
---|