[Esapi-user] org.owasp.esapi.filters.SecurityWrapperRequest and WrapperResponse
Ray.Lukas at supermedia.com
Mon May 23 11:32:48 EDT 2011
Cool man.. thanks.. that is what I thought.. Now onto trying out this SwingSet.. thanks boss..
From: Jim Manico [mailto:jim.manico at owasp.org]
Sent: Monday, May 23, 2011 11:30 AM
To: Lukas, Ray
Cc: esapi-user at lists.owasp.org; Lukas, Ray
Subject: Re: [Esapi-user] org.owasp.esapi.filters.SecurityWrapperRequest and WrapperResponse
SecurityWrapperRequest is indeed the new SafeRequest :)
On May 23, 2011, at 4:21 PM, "Lukas, Ray" <Ray.Lukas at supermedia.com<mailto:Ray.Lukas at supermedia.com>> wrote:
Simple Yes No question I hope..
I am new to ESAPI and working to understand what I think will be a HUGE help to us.
I am reading (what I am sure is a old document) www.owasp.org/images/7/79/ESAPI_Book.pdf<http://www.owasp.org/images/7/79/ESAPI_Book.pdf>
On Page 51 it identifies several threats dealing with Session objects and some ways to deal with them.
SafeRequest no longer seems to exist..
So I should use
and I should use these in my servlet input parameters to take care of these threats? Or do I need to do more?
Esapi-user mailing list
Esapi-user at lists.owasp.org<mailto:Esapi-user at lists.owasp.org>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Esapi-user