[OWASP-ESAPI] SafeHTTPFilter

Neuer, David david.neuer at Fiserv.com
Thu Nov 6 16:11:03 EST 2008


Is anyone successfully using SafeHTTPFilter?

 

With the default ESAPI.properties, it fails rather dramatically since it
wants to cleanse the servlet path, but there's no regex named
Validator.HTTPServletPath, so it tries to use the string
"HTTPServletPath" (needless to say, we don't have such a path in our
app).

 

Is there an example somewhere of what this should be set to, or have
people just copied Validator.URL's value (or Validator.HTTPURI from the
test properties)?

 

Dave

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-esapi/attachments/20081106/acdf01ab/attachment.html 


More information about the OWASP-ESAPI mailing list