No edit summary |
|||
Line 65: | Line 65: | ||
=Security= | =Security= | ||
* | * Complete the following (taken from [[WebAppSec/Secure_Coding_QA_Checklist]]) | ||
** [[WebAppSec/Secure_Coding_QA_Checklist#Test: Input Validation For User Controlled Data|Test: Input Validation For User Controlled Data]] | |||
** [[WebAppSec/Secure_Coding_QA_Checklist#Test: SQL Injection|Test: SQL Injection]] | |||
** [[WebAppSec/Secure_Coding_QA_Checklist#Test: Output Encoding For User Controlled Data|Test: Output Encoding For User Controlled Data]] | |||
** [[WebAppSec/Secure_Coding_QA_Checklist#Test: CSRF|Test: CSRF]] | |||
** [[WebAppSec/Secure_Coding_QA_Checklist#Test: Account Lockout -- INACTIVE|Test: Account Lockout -- INACTIVE]] | |||
** [[WebAppSec/Secure_Coding_QA_Checklist#Test: X-Frame-Options|Test: X-Frame-Options]] | |||
*Runs on both HTTP / HTTPS? Mixed-content warnings? Cert set up? | *Runs on both HTTP / HTTPS? Mixed-content warnings? Cert set up? | ||
**Should HTTP requests get automatically redirected to HTTPS, by default? | **Should HTTP requests get automatically redirected to HTTPS, by default? |
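Review bot: In the sub-list added under =Security=, the entry "Test: Account Lockout -- INACTIVE" is listed among the tests to complete although its own title marks it inactive. Either drop that entry or say next to it that it is skipped and why, so a reviewer working through the list knows whether a result is expected. The revision also carries no edit summary; a short one stating that the test list was taken from WebAppSec/Secure_Coding_QA_Checklist would make the change easier to follow in the page history.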