Web Application Security Policy Document: Mozilla Web App

Just a quick post to let you know about an excellent security policy resource I have found.  Mozilla have published a set of  Web Application Security Guidelines.   This is an excellent document.  If you are a developer then you should be familiar with all of these issues and should use this as a check list.  If you manage a web development team then you should consider building this into your in house standards.  Finally if you are a business person who commissions web development projects then I suggest that you seriously consider making compliance with this set of guidelines mandatory the next time you give a developer a contract.


Zend PHP degugger not working with 64bit Apache HTTPD on Mac OSX 10.5.7

I’ve been trying to work out why the Zend Debugger wasn’t working from Zend Studio on one of our developer PC’s.  We checked everything from the location of the plugin, php.ini, Apache config, comparing this with a Linux box where it seems to work fine.  After pulling my hair out and spending some time on Google I found that this is a known issue which hopefully Zend will be fixing soon.  In the meantime you can work around this by forcing Apache back into 32 bit mode as follows:

1. Stop Apache HTTP

sudo apachectl stop

2. Restart it in 32 bit mode

sudo arch -386 /usr/sbin/httpd

It then works perfectly.