精心设计且安全的 Web 应用程序示例 [英] Examples of well designed and secure web applications

问题描述

大多数人都知道 OWASP WebGoat 或 Foundstone 的 Hacme Books 和 Hacme 银行.这些是故意不安全的应用程序，旨在向初学者介绍常见的安全漏洞.

Most people would be aware of OWASP WebGoat or Foundstone's Hacme Books and Hacme Bank. These are deliberately insecure applications to teach beginners about common security vulnerabilities.

相反，我无法找到任何有意保护的应用程序.诚然，没有这样的应用程序是完全安全的，但是否有任何应用程序可以实施大多数其他应用程序应该遵循的最佳实践集合?

On the contrary I have not been able to locate any application that is intentionally secure. Granted that no such application is completely secure, but are there any applications that would implement a collection of best practices that most other applications should follow ?

PS:为了阐明我的需求，我正在寻找 Webgoat 的安全等价物"，或者甚至更好的安全 宠物商店 应用程序.在论文/网站/博客中讨论的安全设计权衡将是一个奖励.

PS: To clarify my needs, I'm looking for a 'secure equivalent' of Webgoat, or even better, a secure Pet Store application. Design tradeoffs for security, that are discussed in a paper/website/blog would be a bonus.

PPS:现在是社区维基，特别是因为可以/可能有几个正确的答案 - 这不是特定于语言的.

PPS: This is now community-wiki, especially since there can/could be several right answers - this is not language specific.

推荐答案

OWASP 指南包含此信息.

The OWASP Guide contains this information.

这篇关于精心设计且安全的 Web 应用程序示例的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！