Fierozen / owasp-esapi-java

Automatically exported from code.google.com/p/owasp-esapi-java
Other
0 stars 0 forks source link

Incorrect import in HTMLValidationRule #215

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1.Visually inspect HTMLValidationRule.java and notice that the static 
initialization block is throwing 
org.apache.commons.configuration.ConfigurationRuntimeException. My guess is 
that it should be throwing org.owasp.esapi.errors.ConfigurationException and 
this was a mis-selection of a choice within an IDE.

What is the expected output? What do you see instead? I would have expected to 
The static initialization block should be throwing an org.owasp.esapi based 
exception.

What version of the product are you using? On what operating system?
2.0_rc10 - Linux.

Does this issue affect only a specified browser or set of browsers?
No

Please provide any additional information below.
My team is using ESAPI to remediate Fortify-identified security issues and have 
modified it to reduce the number of transitive dependences being introduced by 
the addition of ESAPI. The throwing of the commons-configuration exception adds 
commons-configuration.jar, plus all of its transitive dependencies. Note: We've 
excluded the org.owasp.esapi.reference.accesscontrol dependencies and therefore 
have otherwise excluded the dependency upon commons-configuration. Since we are 
remediating 19 components, component dependency conflicts are a large issue, 
hence making it very important that we eliminate any unneeded jar. 

If the committers agree with the change, please add this to the next version 
2.0 release candidate.
Thanks!

Original issue reported on code.google.com by dave.w...@gmail.com on 22 Mar 2011 at 8:46

GoogleCodeExporter commented 9 years ago
This is fixed, checking 1736

Original comment by manico.james@gmail.com on 22 Mar 2011 at 10:12