Ticket #1536 (new task)
extend "secure-development"
| Reported by: | ischommer | Owned by: | aoneil |
|---|---|---|---|
| Priority: | medium | Milestone: | |
| Component: | Documentation | Version: | |
| Severity: | medium effort / impact | Keywords: | |
| Cc: | Hours: | 2 |
Description (last modified by ischommer) (diff)
http://doc.silverstripe.com/doku.php?id=secure-development
- secured pages
- authentication
- permission-control
- preventing XSS
- controller-security (underscore/private methods)
- php security (e.g. safemode, register_globals, links only)
- Security::defaultAdmin
- merge with http://doc.silverstripe.com/doku.php?id=how-page-security-works
Sean: I notice there is a lot of interest about security - in terms of being able to secure the site. We know there are ways to do it, but there is no ‘best practise’ way that I can see. Perhaps a tutorial would be good.
Ingo: I think this should be more use-case/best-practice focused. a tutorial just makes sense with a certain goal in mind, but "secure development" is too widespread for this.
Change History
Note: See
TracTickets for help on using
tickets.
