owasp-java-encoder
owasp-java-encoder copied to clipboard
OWASP
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site...
Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 5.3.19 to 5.3.20. Release notes Sourced from spring-core's releases. v5.3.20 :star: New Features Refine CachedIntrospectionResults property introspection #28445 Improve tests and Javadoc on binding to a property...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
I suggest creating a **`SECURITY.md`** file describing your security process for reporting any security vulnerabilities. I can be as simple as "Report the issue as an email to [email protected] with...
Hi. I would like to report an issue that when using the encoder with jsp tags it works perfectly only when using static content like this: `
Hi, I want to replace Encode::forUri with something that is not depricated. Does anyone know what method should I use to cover that up? I can't use forUriComponent() because I...
We should create a function to safely embed JSON on a webpage simular to to what https://github.com/yahoo/serialize-javascript accomplishes.
Bumps [org.springframework:spring-core](https://github.com/spring-projects/spring-framework) from 5.3.19 to 6.0.15. Release notes Sourced from org.springframework:spring-core's releases. v6.0.15 :star: New Features Skip buffer allocation in StreamUtils.copy(String) #31631 :lady_beetle: Bug Fixes <replaced-method /> unnecessarily requires explicit...
Hi, is it possible to combine the OWASP Sanitizer and the OWASP Encoder to not remove malicious code but to encode the problematic parts from a given string, so that...
Compilation breaks with org.owasp.esapi:esapi:2.5.1.0 because org.owasp.encoder.esapi.ESAPIEncoder.Impl does not implement the new methods * org.owasp.encoder.esapi.ESAPIEncoder.Impl#decodeFromJSON * org.owasp.encoder.esapi.ESAPIEncoder.Impl#encodeForJSON which were introduced with the 2.5.1.0. Solution (?): * Set a fix dependency on...
Hi Jim Manico! I couldn't sanitize the vector "", using the methods available in "encoder-1.2.3.jar", I would like some help to be able to identify if using the "ESAPI" this...
Hello, I have tried using the core encoder in a project with java9+ modules but the automatic module name is missing from the jar manifest, version 1.2.3, (even though I...
