esapi-java-legacy
esapi-java-legacy copied to clipboard
ESAPI
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
_From [[email protected]](https://code.google.com/u/104898723117297854916/) on October 08, 2014 05:33:32_ What steps will reproduce the problem? 1. Trying to validate the login of Authenticator class. What is the expected output? What do you...
_From [[email protected]](https://code.google.com/u/[email protected]/) on August 23, 2012 12:52:19_ Currently (in ESAPI 2.0.1 and earlier), the Encryptor.MasterKey and Encryptor.MasterSalt are both generated and stored in bas64-encoded format. Hex-encoding is more conventional for...
_From [[email protected]](https://code.google.com/u/107588928691140897759/) on June 01, 2012 12:08:14_ What steps will reproduce the problem? 1. define invalid HTML String 2. validate it with getValidSafeHtml passing an empty error list as a...
_From [[email protected]](https://code.google.com/u/106863696289161512808/) on February 26, 2012 15:08:50_ The attached ziped project is finished and tested code for moving validation patterns of http fields like Email, etc out of ESAPI.properties. This...
_From [[email protected]](https://code.google.com/u/106863696289161512808/) on February 22, 2012 09:07:07_ If we add a method to Validator interface to assert whether an HttpServletRequest is valid, clients will not have to use Safe request....
_From [[email protected]](https://code.google.com/u/104022779424715571998/) on January 24, 2012 06:53:51_ What steps will reproduce the problem? 1.Start authentication process with anonymous@unknown 2.Try to login() with a valid user 3.User/password are accepted 4.Verification for...
_From [[email protected]](https://code.google.com/u/106391830137709123117/) on November 24, 2011 21:50:30_ What steps will reproduce the problem? public class HelloWorldTest extends TestCase { @Test public void testIsValidEmail() { Validator instance = ESAPI.validator(); System.out.print("before hang");...
_From [[email protected]](https://code.google.com/u/107548680547605584412/) on October 18, 2011 03:19:41_ Hi, I don't know if posting here is appropriate but just delete if it's in the wrong section. I got JUnit test failing...
_From [luke.biddell](https://code.google.com/u/luke.biddell/) on August 31, 2011 05:06:13_ As per the discussion on the mailing list, SecurityWrapperRequest.getHeaderValues is applying the HTTPHeaderValue validator to the cookie headers and restricting the length to...
_From [[email protected]](https://code.google.com/u/108508806528520254090/) on August 30, 2011 13:41:40_ Primarily, these enhancements add an operational mode to the WAF in which all inputs to the web application are validated against a strict...