Merge pull request #69 from Mohamed3on/master
Add links for more info.
Maikuolan authored Jul 25, 2017
2 parents 92dc3f7 + 20e0d62 commit 9ee1fde
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions README.md
@@ -5,8 +5,8 @@ Checklist of the most important security countermeasures when designing, testing

------------------------------------------------------------------------------
## Authentication
- [ ] Don't use `Basic Auth` Use standard authentication (e.g. JWT, OAuth).
- [ ] Don't reinvent the wheel in `Authentication`, `token generating`, `password storing`. Use the standards.
- [ ] Don't use `Basic Auth` Use standard authentication (e.g. [JWT](https://jwt.io/), [OAuth](https://oauth.net/)).
- [ ] Don't reinvent the wheel in `Authentication`, `token generation`, `password storage`. Use the standards.
- [ ] Use `Max Retry` and jail features in Login.
- [ ] Use encryption on all sensitive data.

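Review bot: the rewritten line `- [ ] Don't use `Basic Auth` Use standard authentication (e.g. [JWT](https://jwt.io/), [OAuth](https://oauth.net/)).` still has no punctuation between its two sentences, and the links now make the comparison more visible: JWT is a token format and OAuth is an authorization framework, neither is by itself an authentication scheme, so presenting them as drop-in replacements for Basic Auth (which is itself a standard, RFC 7617, and acceptable over TLS) is misleading. Since the line is being touched anyway, suggest rewording along the lines of `- [ ] Don't send Basic Auth credentials over plain HTTP. Prefer token-based authentication (e.g. OAuth 2.0 bearer tokens, commonly encoded as [JWT](https://jwt.io/)) and always use TLS.` The second change in this hunk (`token generating` to `token generation`, `password storing` to `password storage`) is a clean grammar fix and needs nothing further.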
@@ -41,7 +41,7 @@ Checklist of the most important security countermeasures when designing, testing
- [ ] Don't auto-increment IDs. Use `UUID` instead.
- [ ] If you are parsing XML files, make sure entity parsing is not enabled to avoid `XXE` (XML external entity attack).
- [ ] If you are parsing XML files, make sure entity expansion is not enabled to avoid `Billion Laughs/XML bomb` via exponential entity expansion attack.
- [ ] Use CDN for file uploads.
- [ ] Use a CDN for file uploads.
- [ ] If you are dealing with huge amount of data, use Workers and Queues to process as much as possible in background and return response fast to avoid HTTP Blocking.
- [ ] Do not forget to turn the DEBUG mode OFF.

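Review bot: `- [ ] Use a CDN for file uploads.` fixes the missing article but still gives no rationale, so a reader cannot tell which threat this item addresses or whether it applies to them. As the line is being edited, suggest stating the goal, e.g. `- [ ] Serve user-uploaded files from a separate origin (a CDN or object store) rather than from the API's own domain, so uploaded content is never executed or rendered in the API's origin.` The surrounding XXE and billion-laughs items are unchanged in this hunk.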
