[Esapi-user] open text fields

ricardo gualberto r_gualberto at hotmail.com
Thu May 26 09:09:00 EDT 2011

  Hi Fabio,
          thanks a lot for your prompt response. Antisamy seems to be for HTML. There are two kinds of fields that we are
 having issues and would not make sense to enter HTML/JavaScript on 
these fields.
1- A description field where a user can enter a 
description of what the functionality it does. Users can add open text and 
we support locales like russian and japanese which we had issues.

2- We use regular expressions to process some data and there a some text fields where user can configure regular expressions similar to ^[[:space:]]*[][a-zA-Z0-9()<@ ~._-]+[$%>#][[:space:]]*$


> Date: Thu, 26 May 2011 11:59:45 +0100
> Subject: Re: [Esapi-user] open text fields
> From: fcerullo at gmail.com
> To: r_gualberto at hotmail.com
> CC: Esapi-user at lists.owasp.org
> what about OWASP AntiSamy?
> https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project
> Fabio
> On Tue, May 24, 2011 at 4:49 PM, ricardo gualberto
> <r_gualberto at hotmail.com> wrote:
> > on my web application there are a good number of fields that a user can
> > enter any kind of text. I have tried to set Regular expressions on a
> > Validator but ESAPI gives a message that the field is invalid. Looks like a
> > Validator regular expression will not cover my needs. What ESAPI recommends
> > for fields that allows open text? Do you know of a sample or documentation
> > about it?
> >
> > _______________________________________________
> > Esapi-user mailing list
> > Esapi-user at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/esapi-user
> >
> >
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20110526/a122443f/attachment.html 

More information about the Esapi-user mailing list