[Esapi-dev] esapi-2.0.1.jar - incorrect treatement of named html entities?

Günther Zwetti guenther.zwetti at unycom.com
Wed Jul 25 17:25:23 UTC 2012


Hi Chris,

thanks for your answer. What do you mean by "should be an option, not default"?
With the current implementation, characters like Ü,Ä,Ö (which are often used in countries like Austria or Germany) can never be displayed correctly but only their lower case representations  ü,ä,ö.
And this is definitely wrong and not only a matter of choice, isn't it?

Could you therefore please make a suggestion what to do? Do you think my bug fix to be correct without any negative side effects?
And what about the hard coded list and their configuration "double"? Are there any differences between those two lists and what are they used for?

Thanks for your answers in advance!
Kind regards,
Günther
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-dev/attachments/20120725/1c5a23b8/attachment.html>


More information about the Esapi-dev mailing list