[Esapi-dev] servlet 2.3 support?
Jim Manico
jim.manico at owasp.org
Mon Feb 8 02:05:39 EST 2010
Very nice work Ed, thanks for taking this on!
- Jim
> K. I've committed changes that should allow 1.4 to compile and run with
> the servlet 2.3 spec. If folks with easy access to a 2.3 container could
> try it I would appreciate it.
>
> The one complication was SafeRequest#setCharacterEncoding(String). I had
> originally wanted to emulate this method for 2.3 but that requires hooking
> setContentType(String) and writing a parser for the Content-Type header
> so that modifying the charset parameter could be done properly. The
> work to do this and my general feeling that what SafeRequest's
> setCharacterEncoding(String) isn't a good idea made me not worry about
> it. The 2.3 version just throws a UnsupportedOperationException.
>
> The 2.4 versions calls the wrapped method via reflection. I'm caching
> the method looked up and not invoking it unless needed which should
> cut some of the reflection performance issues. If performance becomes
> a issue for anyone we can reassess how this is done.
>
> I still need to add the JSP 1.2 tld but I'm leaving that for another day.
>
>
>>>> ------>
>>>>
>>>> ------------------------------------------------------------------------
>>>>
>>>> _______________________________________________
>>>> Esapi-dev mailing list
>>>> Esapi-dev at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/esapi-dev
>>>>
--
Jim Manico
OWASP Podcast Host/Producer
OWASP ESAPI Project Manager
http://www.manico.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-dev/attachments/20100207/d92a8e27/attachment.html
More information about the Esapi-dev
mailing list