esapi-java-legacy icon indicating copy to clipboard operation
esapi-java-legacy copied to clipboard
verified publisher icon ESAPI

SecurityWrapperRequest.getHeaderValues - cookie handling

Open meg23 opened this issue 11 years ago • 0 comments

From luke.biddell on August 31, 2011 05:06:13

As per the discussion on the mailing list, SecurityWrapperRequest.getHeaderValues is applying the HTTPHeaderValue validator to the cookie headers and restricting the length to 150 chars.

Chris suggested that this method should ignore cookies along with SecurityWrapperResponse too.

Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=245

meg23 avatar Nov 13 '14 18:11 meg23