Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some default ESAPI.properties Validator patterns only allow one character #21

Closed
meg23 opened this issue Nov 13, 2014 · 2 comments
Closed

Some default ESAPI.properties Validator patterns only allow one character #21

meg23 opened this issue Nov 13, 2014 · 2 comments
Labels
bug imported Priority-Medium

Comments

@meg23
Copy link

meg23 commented Nov 13, 2014

From Calico...@gmail.com on January 15, 2009 11:07:19

The default ESAPI.properties has some validation patterns that only allow
one character. :

Validator.HTTPServerName=^[a-zA-Z0-9_.-]$
Validator.HTTPContextPath=^[a-zA-Z0-9.-]$
Validator.HTTPPath=^[a-zA-Z0-9.-]$
Validator.HTTPQueryString=^[a-zA-Z0-9()-=_.?;,+/:&_ ]$
Validator.HTTPURI=^[a-zA-Z0-9()-=_.?;,+/:&_ ]$

We needed to add a quantifier to each defined character class to support
more characters.

Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=11
@meg23
Copy link
Author

meg23 commented Nov 13, 2014

From kfe...@gmail.com on April 17, 2009 07:32:32

Status: Accepted
Owner: kfealz

@meg23
Copy link
Author

meg23 commented Nov 13, 2014

From kfe...@gmail.com on April 17, 2009 08:14:46

Status: Fixed

@meg23 meg23 closed this as completed Nov 13, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug imported Priority-Medium
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@meg23