Comments (3)
fyi I also use ESAPI.encoder().canonicalize()
Original comment by [email protected]
on 8 Jul 2014 at 6:34
from owasp-esapi-java.
Please somebody reply. I have a deadline to meet and i have no clue what to do.
Original comment by [email protected]
on 8 Jul 2014 at 8:26
from owasp-esapi-java.
Figured out the issue. In ValidInput we were not setting Encoder to true or
false Manually. So it used to read the properties and cause a Severe
Performance Issue. As a Data for 1 lakh Requests it took 3 times more time when
no input was provided. Maybe we should mention it in the documents somewhere as
a Safe Practice.
Original comment by [email protected]
on 8 Jul 2014 at 10:55
from owasp-esapi-java.
Related Issues (20)
- AbstractAccessReferenceMap.addDirectReference not invariant
- setHeader blocks legitimate headers due to header name size limit being too low
- Log4j configuration with no root level causes NPE in Log4jLogger.java HOT 1
- Content Security Policy - Java Servlet Filter
- logger is gettin class cast exception
- [deleted issue]
- Regex in ESAPI.properties is not considering few of the french characters HOT 2
- -Log4JLogger.java doesn't output correct file & line number-Similar issue as reported in Issue 268
- HttpParamtervalue for allowing Xml Data
- HTTPParameterValue
- EncryptedPropertiesUtils Switch for Adding Values
- User session just jumped from unknown to 0:0:0:0:0:0:0:1 HOT 1
- ESAPI configuration files not included in dist.
- SecurityConfiguration for ESAPI.Encoder not found in ESAPI.properties. Using default: org.owasp.esapi.reference.DefaultEncoder HOT 1
- Need to update Apache Commons BeanUtils
- Multiple URLs are not supported by Validator.Redirect
- Duplicates ESAPI_en_US.properties in esapi-2.1.0-dist.zip HOT 1
- isValidInput failing for HTTPParameterValue {internalAction:getScreen} HOT 1
- StringUtilities.union() method is broken, weakens GenerateStrongPassword
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from owasp-esapi-java.