[Esapi-user] org.owasp.esapi.filters.SecurityWrapperRequest and WrapperResponse

Lukas, Ray Ray.Lukas at supermedia.com
Mon May 23 10:21:40 EDT 2011


Simple Yes No question I hope..

I am new to ESAPI and working to understand what I think will be a HUGE help to us.
I am reading (what I am sure is a old document) www.owasp.org/images/7/79/ESAPI_Book.pdf<http://www.owasp.org/images/7/79/ESAPI_Book.pdf>

On Page 51 it identifies several threats dealing with Session objects and some ways to deal with them.
SafeRequest no longer seems to exist..
So I should use
org.owasp.esapi.filters.SecurityWrapperRequest
and
org.owasp.esapi.filters.SecurityWrapperResponse
and I should use these in my servlet input parameters to take care of these threats? Or do I need to do more?

Thanks Guys:
ray
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20110523/1e7ab8b5/attachment.html 


More information about the Esapi-user mailing list