esapi-java-legacy
esapi-java-legacy copied to clipboard
ESAPI
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
_From [[email protected]](https://code.google.com/u/116459577453661752272/) on September 30, 2010 00:41:47_ What steps will reproduce the problem? 1. I have locale specific site with russia,hungary, etc.. 2. there will be special character with locale...
_From [[email protected]](https://code.google.com/u/[email protected]/) on September 29, 2010 14:35:21_ XML-Validation is a good thing but only part of the story. It would be cool if there was an additional test that checked...
_From [[email protected]](https://code.google.com/u/[email protected]/) on November 11, 2009 21:33:01_ The WAF class InterceptingServletOutputStream is creating temporary files via: this.out = new RandomAccessFile ( File.createTempFile("oew", ".hop"), "rw" ); that are not being cleaned...
_From [[email protected]](https://code.google.com/u/110242786105136439221/) on July 31, 2009 15:46:21_ The unit tests packaged with ESAPI should only test the interface and not contain code that is specific to the default implementations. This...
In https://github.com/ESAPI/esapi-java-legacy/pull/491#issuecomment-502572982, @hellyguo discovered timing problems, presumably in part caused by the JIT optimization that caused an asserting in the testObjFactoryCache() to fail. For the short-term, I'm just commented out...
_From [[email protected]](https://code.google.com/u/101742868461706870274/) on May 02, 2011 18:06:24_ What steps will reproduce the problem? 1. Extend DefaultSecurityConfiguration 2. Override loadConfiguration() in the extending class 3. Call any method in the super...
If one upgrades from Apache Commons File Upload from 1.3.3 to 1.4 in pom.xml and runs 'mvn test', this causes JUnit test, org.owasp.esapi.reference.HTTPUtilitiesTest#testGetFileUploads to fail with root cause of 'file...
_From [[email protected]](https://code.google.com/u/118001108669668861204/) on December 30, 2010 18:12:59_ What steps will reproduce the problem? 1. Invoke BaseValidationRule.assertValid(String context, String input) What is the expected output? What do you see instead? Expected...
This is just a general ticket...more of a "master ticket" of sorts (in the JIRA sense at least), so I am not expecting this particular ticket be closed. Rather, if...
_From [[email protected]](https://code.google.com/u/101438244361853723051/) on July 22, 2011 15:43:52_ Hi ESAPI Validation is dependent on HttpServletRequest. This might be fine when running in a servlet container, but not for unit tests. Our...