Top "Esapi" questions

The Enterprise Security API (ESAPI) is a library developed by the Open Web Application Security Project (OWASP).

How to fix open redirect issue in java

Currently my java code uses response.sendRedirect(request.getRequestUrl().toString()); Which is an open redirect. I have to fix this …

Read More
java security esapi
What is use of validation.properties for ESAPI.encoder().encodeForSQL in ESAPI

I am using ESPAI for SQLInjection prevention in Java. I am only using ESAPI.encoder().encodeForSQL(ORACLE_CODEC,queryparam)) method. …

Read More
java esapi
Fixing Cross site scripting vulnerability in java using OWASP

I am working on fixing Cross site scripting issues in java.Since i am new to OWASP, could someone please …

Read More
java xss esapi
How to implement the OWASP ESAPI validator with groups of validation attempts in ColdFusion?

I have been playing around with the OWASP ESAPI utilities that are included with ColdFusion 9. ColdFusion's Builtin Enterprise Security API. …

Read More
coldfusion coldfusion-9 cfml esapi
ClasscastException - org.apache.log4j.Logger cannot be cast to org.owasp.esapi.Logger - log4j to log4j2

I am working on upgrading log4j to log4j2. In that process I am getting a Logger Class cast …

Read More
logging jboss7.x log4j2 esapi
ESAPI XSS prevention for user supplied url property

One of my REST APIs is expecting a property "url" which expects a URL as input from the user. I …

Read More
java encoding xss owasp esapi
ESAPI throwing org.owasp.esapi.errors.ConfigurationException when trying to log a warning

We've added a filter to our spring webapp that checks all incoming requests for anything that could cause an XSS …

Read More
java spring esapi
ESAPI canonicalize malforming url

We have an application that accepts URLs from users. This data needs validation, and we're using ESAPI for this purpose. …

Read More
java validation owasp canonicalization esapi
java.lang.reflect.InvocationTargetException Encoder class (org.owasp.esapi.reference.DefaultEncoder) CTOR threw exception

I'm a newbie to ESAPIm and I've been looking for answers for days. I got the following error: Attempting to …

Read More
java eclipse security esapi invocationtargetexception
encodeForHtml() vs htmlEditFormat()

encodeForHtml() (new in CF10) vs htmlEditFormat(), how are they different?

Read More
coldfusion esapi coldfusion-10