jeremiahjstacey

On the surface it would seem that the environment whitelist configuration needs to be adjusted to allow the canonicalized data in the format you're expecting. From the documentation in the...

I am concerned about whether this is something we should provide. It feels like the reason we would make this change would be to allow ESAPI to run a single...

I think that the attached DefaultValidatorTest.txt shows the three \r \n \r\n cases with the safeReadLine method. [DefaultValidatorTest.txt](https://github.com/ESAPI/esapi-java-legacy/files/2182663/DefaultValidatorTest.txt)

I would like to suggest deprecating this method in DefaultValidator and instead offer an alternate implementation of a Reader. I've attached the premise of the suggestion below. Effectively, the BufferedLineLimitedReader...

I had not seen this test. I will note that there is no non-zero/positive checks on the max limit of my previously offered files. Those tests should be added if...

If that is an acceptable approach to resolution I will work to get it committed and offer it up. I mostly attached the file to illustrate the intent of the...

Is there follow up with this from the UTF-8 work?

@kwwall , while we were working to resolve the intermittent test failures From the FileBasedAuthenticator it was suggested on a couple of occasions that the implementation may not be as...

Sounds good. I'll try to follow up with you after the release.

@xeno6696, I think we can do this if we can convert the URI to a URL? (not sure of the feasibility) `URI.toURL() ` At that point we can look at...