[Esapi-user] [OWASP-ESAPI] Issues with Input validation using ESAPI

Kevin W. Wall kevin.w.wall at gmail.com
Thu Jul 29 08:07:27 EDT 2010

Kesavanarayanan, Ramesh wrote:
> Dont shake too much off your head Kevin. I guess you are completely
> mistaken by the string name used for an example as "pwdRegEx" even though
> it was not a regular expression intended for passwords.

LOL. That just goes to show you the importance of a name, or perhaps
the power of suggestion. Craig implied it was for checking passwords,
Jeff seemed to agree, and I ran with it....totally out of bounds.
And that was one of my better rants, too. ;-)

Sebastian Kübeck wrote:
> And no, FORTRAN (at least 77 and before) doesn't handle this better... *LOL*

There's a blast from the past. And I thought I was the only dinosaur on this
list. Although I cut my teeth on FORTRAN 66 in '75... on punched cards! Ow!
But at least I managed to entirely avoid COBOL so I wasn't ruined for life. ;-)

Kevin W. Wall
"The use of COBOL cripples the mind; its teaching should, therefore,
be regarded as a criminal offence."  -- Edsger Dijkstra
in "EWD498: How Do We Tell Truths That Might Hurt?"

More information about the Esapi-user mailing list