[Esapi-user] Using esapi4js without log4js

eashwaran.padmanabhaswamy at aciworldwide.com eashwaran.padmanabhaswamy at aciworldwide.com
Thu Jan 5 01:52:40 UTC 2012

Hello Chris,

I'm using OWASP esapi4js 0.1.3.  Whenever my scripts encounter a 
javascript exception, like an script errors, a popup window is used for 
displaying the errors.  I would prefer not to use popup window.  I was 
wondering if it is possible to tell esapi4js or log4js (via esapi4js) to 
not use popup windows. 

The only way I found to disable the popup behaviour is to not include the 
log4js.js file.  But I wanted to check with you first, if it is even okay 
to use the esapi4js.js without including the log4js.js!  Is there any 
dependency in esapi4js on log4js? Will esapi4js function just as well 
without the inclusion of log4js?

I'm aware that we can use popup-blockers to block popup windows.  But I 
face a peculiar problem with Firefox (versions 8 and 9, and maybe some 
previous ones too) and the popup window thrown by log4js, when popup 
blocker is used with Firefox.  Firefox reports that it has blocked a few 
hundred popup windows and shows a dialog about a runaway script; 
essentially the Firefox hangs!  Chrome and IE decently just show me the 
'blocked popup' message and continue on.  But irrespective of this Firefox 
hang, I'd like to use ESAPI4JS without the popup windows.  I was wondering 
if that is possible.  I've googled on this topic, but didn't encounter any 
solutions or suggestions/advises of using esapi4js without log4js.

Thanks in advance for your help!


Eashwaran Padmanabhaswamy
ACI Worldwide
eashwaran.padmanabhaswamy at aciworldwide.com 

This e-mail message and any attachments may contain confidential, 
proprietary or non-public information.  This information is intended 
solely for the designated recipient(s).  If an addressing or transmission 
error has misdirected this e-mail, please notify the sender immediately 
and destroy this e-mail.  Any review, dissemination, use or reliance upon 
this information by unintended recipients is prohibited.  Any opinions 
expressed in this e-mail are those of the author personally.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20120104/6161bc4c/attachment.html>

More information about the Esapi-user mailing list