Comments (5)
Ooops... enter in the summary line submits the whole thing....
The attached patch adds missing tags for other encoding methods (though not
ldap, sql
or os) and EL functions for encoding methods.
trunk-taglib-enhancements-i36-i37.patch.gz
if issue 36 and issue 37 patches have been applied
trunk-taglib-enhancements.patch.gz
from current trunk (revision 700) including patches in issue 36 and issue 37
details:
add throws JspTagException to BaseCodeTag#encode so subclass can throw
exceptions
add ELEncodeFunctions class
provides public static methods that call ESAPI.encoder() methods
allows for EL functions in new taglib
add tags for missing & useful encoding:
EncodeForBase64Tag
EncodeForCSSTag
EncodeForURLTag
EncodeForXMLAttributeTag
EncodeForXMLTag
EncodeForXPathTag
rename EncodeForHTMLJavasSript to EncodeForJavaScript
previous name was inaccurate and confusing
minor javadoc fixes
EncodeForHTMLAttributeTag
EncodeForHTMLTag
EncodeForJavaScriptTag
EncodeForVBScriptTag
esapi.tld:
update from JSP spec 1.1 DTD to JSP spec 2.0 xml schema
required for EL functions
add descriptions
add new tags
add EL functions
Original comment by [email protected]
on 17 Oct 2009 at 4:58
Attachments:
from owasp-esapi-java.
I will review after RC3 for inclusion in 2.0 final
Original comment by chrisisbeef
on 23 Oct 2009 at 4:17
from owasp-esapi-java.
Original comment by chrisisbeef
on 29 Oct 2009 at 5:12
- Added labels: Milestone-Release2.0
from owasp-esapi-java.
Update patch now that issue 36 has been fixed. This patch assumes that the
issue 37
patch has already been applied.
Original comment by [email protected]
on 2 Nov 2009 at 10:47
Attachments:
from owasp-esapi-java.
Patch applied in revision 745 & 746
Original comment by [email protected]
on 4 Nov 2009 at 7:37
- Changed state: Fixed
from owasp-esapi-java.
Related Issues (20)
- AbstractAccessReferenceMap.addDirectReference not invariant
- setHeader blocks legitimate headers due to header name size limit being too low
- Log4j configuration with no root level causes NPE in Log4jLogger.java HOT 1
- Content Security Policy - Java Servlet Filter
- logger is gettin class cast exception
- [deleted issue]
- Regex in ESAPI.properties is not considering few of the french characters HOT 2
- Performance HOT 3
- -Log4JLogger.java doesn't output correct file & line number-Similar issue as reported in Issue 268
- HttpParamtervalue for allowing Xml Data
- HTTPParameterValue
- EncryptedPropertiesUtils Switch for Adding Values
- User session just jumped from unknown to 0:0:0:0:0:0:0:1 HOT 1
- ESAPI configuration files not included in dist.
- SecurityConfiguration for ESAPI.Encoder not found in ESAPI.properties. Using default: org.owasp.esapi.reference.DefaultEncoder HOT 1
- Need to update Apache Commons BeanUtils
- Multiple URLs are not supported by Validator.Redirect
- Duplicates ESAPI_en_US.properties in esapi-2.1.0-dist.zip HOT 1
- isValidInput failing for HTTPParameterValue {internalAction:getScreen} HOT 1
- StringUtilities.union() method is broken, weakens GenerateStrongPassword
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from owasp-esapi-java.