[Esapi-user] OWASP Java Encoder 1.1.1 released!

Jim Manico jim.manico at owasp.org
Mon Feb 3 10:46:59 UTC 2014

The OWASP Java Encoder is a Java 1.5 simple-to-use drop-in 
*high-performance* encoder class with no dependencies and little 
baggage. This project will help Java web developers defend against Cross 
Site Scripting!

Version 1.1.1 of the OWASP Java Encoder has been released.

Release Notes:

1) ESAPI for Java Integration! The following Jar will override the 
default ESAPI Java Encoder class and will provide a rather dramatic 
increase in runtime performance, a rather dramatic decrease in object 
instantiation and a rather dramatic reduction in memory utilization for 
scalable encoding needs. Yes, dramatic! Some drama IS good! We honor the 
ESAPI Encoder interface and satisfy all existing unit tests for Encoding.



2) Squash those bugs!  The critical bug described here has been fixed. 
Thank you for this bug report and we will endeavor to move faster in the 

3) New Wiki Design! In an effort to provide a more professional front 
end for the project, we have already implemented the new OWASP wiki 
template that was released a few days ago. 

If you have any questions about deploying the OWASP Java Encoder 
project, please visit 
for Maven and manual Jar deployments. Please join the email list with 
any questions here: 

I want to give a huge thank you to Jeremy Long and Jeff Ichnowski for 
their gracious volunteer time and expertise in working on this project.

Happy Encoding from the OWASP Java Encoder Team,
Jim Manico, Jeff Ichnowski, Jeremy Long

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20140203/f3709ec8/attachment.html>

More information about the Esapi-user mailing list