Esapi - Security Api

I do not know if you know this project Enterprise Security API, it is special project to increase security of the web.

Here is php implementation:

http://code.google.com/p/owasp-esapi-php/

Maybe it would be good idea to use it in core of Yii 2.0?

I think we have pretty solid security layer in 1.1. Still, it worth checking. Thanks.

I agree, however CSecurityManager should be revamped http://www.yiiframew…ecuritymanager/

This project was pointed out by Security Engineer from my current company. If you think it is not worth to be added to Yii 2.0, that’s fine you are core devs here :)

micz

Check my link. What I think is that we should never trust any code w/o actually checking it for security issues. Well, except when you don’t care :)