PHP-CSAS

Context-Sensitive Auto-Sanitization for PHP

View the Project on GitHub php-csas/php-csas

One Goal: Context-Sensitive Auto-Sanitization for PHP

Overview

We are building on the work of earlier leaders in this field, drawing inspiration from a paper from Google and UC Berkeley. Languages such as Java (Google Soy Templates), C (CTemplate), Python (Django), and others have modules similar to PHP-CSAS that implement auto-escaping for various template languages. Our goal is to bring the functionality of these languages into PHP.

Documentation

Documentation can be found on the GitHub Wiki.

Background of Project

This project is the senior thesis project for five students (@jaredmichaelsmith, @kylebshr, @josconno, @davpcunn, @traviswork) at the University of Tennessee, Knoxville, sponsored by the Advanced Security Initiatives Group at Cisco Systems.

How it Works

[Figure: Semantics Diagram]

More details can be found in the documentation.