[Esapi-user] ESAPI 1.4.4 -> XMLEntityCodec -> encodeCharacter

Rama Krishna Pathangi rpathangi at hotmail.com
Tue Mar 20 16:43:57 UTC 2012


Hi,
We have been using ESAPI 1.4.4 for some time now. Currently we are running into an issue when feeding random text (some more text) to XMLEncodeCodec -> encodeCharacter.
The method encodeCharacter is spitting random text &#x28some more text&#x29 as opposed to random text (some more text).
What can we do to fix this problem with minimal impact to the project?
org.owasp.esapi.codecs.XMLEntityCodec

Method :

public String encodeCharacter(char[] immune, Character c)

    {

        // check for immune characters

        if(containsCharacter(c, immune))

            return
c.toString();

        // check for unencoded characters

        if(UNENCODED_SET.contains(c))

            return
c.toString();

        return "&#x" +
Integer.toHexString(c.charValue()) + ";";

    }
Thank You in advance.
--

RamaKrishna Pathangi

[p] 503.941.0202

 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20120320/c8bbc08e/attachment.html>


More information about the Esapi-user mailing list