Fix Encoder.encodeForLDAP and Encoder.encodeForDN so they are strictly conformant with Section 3 of RFC 4515

ESAPI / esapi-java-legacy

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.

https://owasp.org/www-project-enterprise-security-api/

Other

598 stars 363 forks source link

Fix Encoder.encodeForLDAP and Encoder.encodeForDN so they are strictly conformant with Section 3 of RFC 4515 #812

Closed kwwall closed 7 months ago

kwwall commented 7 months ago

Describe the bug The implementations for ESAPI 2.5.2.0 and earlier for the Encoder.encodeForLDAP and Encoder.encodeForDN is not strictly conformant to Section 3 of RFC 4515

Specify what ESAPI version(s) you are experiencing this bug in All previous ESAPI versions.

Resolved With @noloader's PR #790.

kwwall commented 7 months ago

PR #790 addresses this. This GitHub issue was created after the fix just to track this in the 2.5.3.0 release notes.