{"id":1852,"date":"2014-12-23T16:31:46","date_gmt":"2014-12-23T14:31:46","guid":{"rendered":"http:\/\/hasselba.ch\/blog\/?p=1852"},"modified":"2014-12-30T19:28:52","modified_gmt":"2014-12-30T17:28:52","slug":"rest-security","status":"publish","type":"post","link":"https:\/\/hasselba.ch\/blog\/?p=1852","title":{"rendered":"REST &#038; Security"},"content":{"rendered":"<p>I am currently wearing my white hat and doing some pen and vulnerability tests for a RESTful API. While this is actually a hot topic in the Domino world, here are some resources:<\/p>\n<ul>\n<li>CSRF\u00a0&amp; REST: <a title=\"appsandsecurity.blogspot.de: Stateless CSRF Protection\" href=\"http:\/\/appsandsecurity.blogspot.de\/2012\/01\/stateless-csrf-protection.html\" target=\"_blank\">Stateless CSRF Protection<\/a><\/li>\n<li>Stateless Session IDs: <a title=\"appsandsecurity.blogspot.de: REST and Stateless Session IDs\" href=\"http:\/\/appsandsecurity.blogspot.de\/2011\/04\/rest-and-stateless-session-ids.html\" target=\"_blank\">REST and Stateless Session IDs<\/a><\/li>\n<li><a title=\"owasp.org: REST Security Cheat Sheet\" href=\"https:\/\/www.owasp.org\/index.php\/REST_Security_Cheat_Sheethttp:\/\/\" target=\"_blank\">REST Security Cheat Sheet<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I am currently wearing my white hat and doing some pen and vulnerability tests for a RESTful API. 
While this is actually a hot topic in the Domino world, here are some resources: CSRF\u00a0&amp; REST: Stateless CSRF Protection Stateless Session &hellip; <a href=\"https:\/\/hasselba.ch\/blog\/?p=1852\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[35],"tags":[60,90],"class_list":["post-1852","post","type-post","status-publish","format-standard","hentry","category-security","tag-rest","tag-security"],"_links":{"self":[{"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1852","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1852"}],"version-history":[{"count":3,"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1852\/revisions"}],"predecessor-version":[{"id":1865,"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1852\/revisions\/1865"}],"wp:attachment":[{"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1852"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1852"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hasselba.ch\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1852"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}