Direct Object References

This simple web application shows how the OWASP Enterprise Security API can mask direct references and hide them behind unpredictable indirect references.

Random Access Reference Map

The following file references are created randomly but still enable you to download the file.

Direct Download

The following file references are direct references using the file name and will not work since this is not a valid entry in the reference map.