[Esapi-user] canonicalize before validate

Jeff Williams jeff.williams at aspectsecurity.com
Fri Feb 26 13:04:11 EST 2010

The default validator in the reference implementation does this automatically, so it's not necessary to canonicalize yourself.


-----Original Message-----
From: esapi-user-bounces at lists.owasp.org [mailto:esapi-user-bounces at lists.owasp.org] On Behalf Of Sebastian
Sent: Friday, February 26, 2010 12:13 PM
To: esapi-user at lists.owasp.org
Subject: [Esapi-user] canonicalize before validate

Hi, i wanted to know i the method getValidInput...  canonicalize the 
input before validate or it is necesary to invoke a canonicalize method 

String canonical = ESAPI.encoder().canonicalize(input);

email",canonical,type,60,*false*);   --->   is this necesary?

Thanks you!!
Esapi-user mailing list
Esapi-user at lists.owasp.org

More information about the Esapi-user mailing list