[Esapi-user] [Esapi-dev] URL Validation and Encoding

Ed Schaller schallee at darkmist.net
Wed Sep 22 22:44:14 EDT 2010


> This should be easy enough to do with built-in methods of java.net.URL like
> getProtocol(), getHost(), getPath(), etc.

Just to be the devil's advocate here, what happens if the URL the
developer wants to support doesn't have a protocol handler? Is this
something we care about? If it is, java.net.URL wont work well and
adding new protocol handlers has implications on ClassLoaders and java
2 security.

>>>------>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
Url : https://lists.owasp.org/pipermail/esapi-user/attachments/20100922/538a0ca0/attachment.bin 


More information about the Esapi-user mailing list