Twe (Twe Whitelist Enforcer) is used to enforce pre-defined HTML code. It takes "bad" HTML as input and returns HTML matched against a flexible and easy to extend set of rules. It can be used to allow HTML input for your Web forum without opening yourself to cross-site scripting attacks.
BEJY is a modular server application. It is packaged, by default, as a Web application container and mail server with SSL. It has functionality similar to inetd, and has some helper classes/functions to ease the implementation of new protocols. It provides a generic multithreaded TPC/IP server implementation with optional SSL support, covering the complete connection and thread management. Each supported service provides its protocol implementation. The current version comes with HTTP, SMTP, POP3, and IMAP protocol implementations. The HTTP protocol implementation also contains a servlet engine, a JSP 1.2 engine, a handler to invoke CGI, and other useful things. The mail protocols require a database using JDBC, as MySQL, MSSQL, and others.
htmLawed is a PHP script that makes input text more secure, HTML standards-compliant, and suitable in general from the viewpoint of a Web-page administrator, for use in the body of HTML 4 or XHTML 1 or 1.1 documents. It is a customizable HTML/XHTML filter, processor, purifier, and sanitizer. It can ensure that HTML tags are balanced and properly nested tags, neutralize code that may be used for cross-site scripting (XSS) attacks, and limit the allowed HTML elements, tags, attributes, or URL protocols.
phpSecurePages is a PHP module to secure pages with a login name and password. It can handle multiple user groups (each with their own viewing rights), store data in a MySQL database or a configuration file, and be used to identify your Web site viewers. It also has multiple language support and optional IP-based access restrictions.
WebAbility is an advanced Web development platform that contains WebFlow, a content management system (CMS), a security advanced system (SAS), a powerful workflow engine, and Web site wrappers. It supports multiple database connections, multiple languages, multiple presentation templates, page, script, and library versioning, XML and Web Services integration, and advanced security management. It uses plugins to extend the software for tasks such as e-commerce, portals, intranets, and editorial systems.
Expresso Framework is an open standards-based J2EE architectural framework that allows the developer to concentrate on application logic. It is a library of extensible Java Server application framework components for creating database-driven Web applications based on open standards. Expresso integrates with Apache Jakarta Struts, which emphasizes presentation and application configuration, and bringing a powerful tag library to Expresso. Expresso adds capabilities for security, robust object-relational mapping, background job handling and scheduling, self-tests, logging integration, automated table manipulation, database connection pooling, email connectivity, event notification, error handling, caching, internationalization, XML automation, testing, registration objects, configuration management, workflow, automatic database maintenance, and a JSP tag library.
suPHP is a combination of an Apache module (mod_suphp) and an executable which provides a wrapper for PHP. With both together, it is possible to execute PHP scripts with the permissions of their owner without having to place a PHP binary in each user's cgi-bin directory. suPHP doesn't need Apache's suExec, and provides a logging function.
OpenSubsystems is set of business components for Java applications such as security, search, inventory management, order processing, shopping, email and fax communication, document management, imaging, and others. The components can be used directly on top of Java Virtual Machine (POJO) or using various J2EE application servers (EJB). This is all without changing a single line of code.