This paper proposes a code security inspection system based on Subversion (SVN), which aims to prevent risky code containing vulnerabilities such as SQL injection, XSS (cross-site scripting) and CSRF (cross-site request forgery) from being submitted to SVN repositories. In the proposed system, submitted code is scanned and checked, and the results are then sent to the SQA (Software Quality Assurance) units to ensure the product's safety. The system mainly adopts the dependency injection and inversion of control used in the Spring Framework, and thus has high scalability and maintainability. The system is also practical, independent, and highly configurable, so it can meet the needs of different users.
Date of Conference: 27-29 June 2011