Questions tagged [esapi]

The Enterprise Security API (ESAPI) is a library developed by the Open Web Application Security Project (OWASP). It is available for numerous languages with the aim of providing web security related features missing in those languages (and its internal APIs) itself.

Part of the Open Web Application Security Project. Details are available on the ESAPI homepage. Currently the API is available for:

Java
.Net
Classic ASP
PHP
ColdFusion and CFML
Python
JavaScript

307 questions

votes

3 answers

Error using esapi

I'm trying to use OWASP ESAPI in my project. but the problem is owasp documentation is too complicated too me. I'm trying using validation from esapi but i can't get the results even if there's no error. import org.owasp.esapi.ESAPI; import…

asked Jun 27 '12 at 06:47

Morgan Azhari

votes

1 answer

Test Negative scenario of ESAPI.validator().isValidFileContent()

I need to test negative scenario of API owasps ESAPI.validator().isValidFileContent() i have tried passing bytes of .exe and .ini files, where as the test was through i.e, the return type was true meaning its a valid file content. What is…

java owasp esapi

asked Jun 22 '12 at 06:50

Pramod CA

votes

3 answers

Should encodeForHtml() & encodeForURL() be used from CF10 onward, in favor of htmlEditFormat() & urlFormat()?

In an earlier question encodeForHtml() vs htmlEditFormat(), how are they different, it seems like the new encodeForHtml() & encodeForURL() functions are superior to htmlEditFormat() & urlFormat() respectively. Should the esapi-based encodeForXXX…

security coldfusion coldfusion-10 esapi

asked May 15 '12 at 16:24

Henry

32,689
19
120
221

-1

votes

1 answer

ESAPI encryption and decryption

I am using ESAPI Base64 encryption and decryption shown as is in: http://www.programcreek.com/java-api-examples/index.php?api=org.owasp.esapi.codecs.Base64 This is how my code looks: import org.owasp.esapi.crypto.CipherText; import…

encryption groovy base64 esapi

asked Apr 01 '17 at 16:52

TechDiva

-1

votes

2 answers

Why to use ESAPI.validator().getValidFileContent() ? What is an invalid or corrupt file?

Please tell me. I am using ESAPI for validation, escaping n all that and i have this confusion. Please share your experience.

java xss esapi

asked Jun 26 '12 at 10:56

R.K.R

-2

votes

1 answer

Trying to Use ESAPI but getting Error as ConfigurationException

ESAPI: WARNING: System property org.owasp.esapi.opsteam is not set ESAPI: WARNING: System property org.owasp.esapi.devteam is not set ESAPI: Attempting to load ESAPI.properties via file I/O. ESAPI: Attempting to load ESAPI.properties as resource…

esapi

asked Jan 12 '23 at 09:21

UMAMAHESH

-2

votes

1 answer

HTML Entities Encoder in JSP

I want to use an HTML Entity Encoder for my HTML

${data}

I was using ESAPI library ESAPI.encoder().encodeForHTML But I am not sure if it is correct, because for instance, the result of encoding test/a/2 using…

html security xss owasp esapi

asked Jul 04 '16 at 08:54

María Belén Esteban Menéndez

Prev 1 2 3

…