OWASP Annotated Application Security Verification Standard
latest
Browse by chapter:
1 Architecture, Design and Threat Modeling
2 Authentication
3 Session Management
4 Access Control
5 Validation, Sanitization and Encoding
6 Stored Cryptography
7 Error Handling and Logging
8 Data Protection
9 Communications
10 Malicious Code
11 Business Logic
12 Files and Resources
13 API and Web Service
13.1 Generic Web Service Security Verification Requirements
13.2 RESTful Web Service Verification Requirements
13.2.1 Enabled RESTful HTTP methods are a valid choice for the user or action
13.2.2 JSON schema validation is in place
13.2.3 RESTful web services that utilize cookies are protected from CSRF
13.2.4 TODO
13.2.5 TODO
13.2.6 TODO
13.3 SOAP Web Service Verification Requirements
13.4 GraphQL and other Web Service Data Layer Security Requirements
14 Configuration
OWASP Annotated Application Security Verification Standard
Docs
»
13 API and Web Service
»
13.2 RESTful Web Service Verification Requirements
13.2 RESTful Web Service Verification Requirements
ΒΆ
Browse by item:
13.2.1 Enabled RESTful HTTP methods are a valid choice for the user or action
13.2.2 JSON schema validation is in place
13.2.3 RESTful web services that utilize cookies are protected from CSRF
13.2.4 TODO
13.2.5 TODO
13.2.6 TODO