[Esapi-user] Validate cannonicalization options

• Previous message: [Esapi-user] [Esapi-dev] AppSecUS
• Next message: [Esapi-user] [Esapi-dev] Validate cannonicalization options
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Folks,

 

I added 3 new functions to the ESAPI 2.0 Validator interface adding the
ability to disable canonicalization - these are implemented in the reference
implementation as well. (svn checkin 1512 and 1513)

 

boolean isValidInput(String context, String input, String type, int
maxLength, boolean allowNull, boolean canonicalize) throws
IntrusionException;

 

String getValidInput(String context, String input, String type, int
maxLength, boolean allowNull, boolean canonicalize) throws
ValidationException, IntrusionException;

 

String getValidInput(String context, String input, String type, int
maxLength, boolean allowNull, boolean canonicalize, ValidationErrorList
errorList) throws IntrusionException;

 

I also *disabled* canonicalization for getSafeHTML by default, since it
breaks HTML. (svn checkin 1514)

 

Acceptable? I'd like to push this for 2.0 rc8

 

- Jim

 

 

       

       

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20100903/ae9a342e/attachment.html 

• Previous message: [Esapi-user] [Esapi-dev] AppSecUS
• Next message: [Esapi-user] [Esapi-dev] Validate cannonicalization options
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]