fusioncop / owasp-esapi-java

Automatically exported from code.google.com/p/owasp-esapi-java

SecurityWrapperRequest.getContextPath() throws IntrusionException when application is deployed at the ROOT path #168

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Create an application that uses org.owasp.esapi.filters.SecurityWrapper
2. Deploy the webapp to the ROOT context (/)
3. Call request.getContextPath() on a wrapped request. 

What is the expected output? What do you see instead?

The expected output is the empty String (""). Instead you get an 
IntrusionException because SecurityWrapperRequest attempts to validate the 
context path with allowNull = false.

Patch attached. I'm going to commit this if there are no objections. 

Original issue reported on code.google.com by augu...@gmail.com on 2 Nov 2010 at 7:40


GoogleCodeExporter commented 9 years ago
Patch checked in to svn. 

Original comment by augu...@gmail.com on 2 Nov 2010 at 7:44

GoogleCodeExporter commented 9 years ago
Thanks August, nice work. This will be a part of ESAPI 2.0 rc11.

Original comment by manico.james@gmail.com on 3 Nov 2010 at 5:23
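The failure reported in this issue, modelled as an added example (it is not the attached patch and not ESAPI's own code): the Servlet API returns "" from getContextPath() for the ROOT context, and a validator that treats empty input as missing rejects it when allowNull is false. The stand-in validator, its pattern and the short-circuit fix are assumptions, since the actual patch is not shown on this page.

```java
import java.util.regex.Pattern;

public class ContextPathDemo {
    // Hypothetical whitelist for context paths (assumed, not ESAPI's configured pattern).
    static final Pattern CONTEXT_PATH = Pattern.compile("^/[a-zA-Z0-9._/-]*$");

    // Local stand-in for the exception named in the issue.
    static class IntrusionException extends RuntimeException {
        IntrusionException(String msg) { super(msg); }
    }

    // Stand-in validator: empty input counts as "null" and is only accepted when allowNull is true.
    static String getValidInput(String context, String input, Pattern p, int maxLength, boolean allowNull) {
        if (input == null || input.isEmpty()) {
            if (allowNull) return null;
            throw new IntrusionException(context + ": input required");
        }
        if (input.length() > maxLength || !p.matcher(input).matches()) {
            throw new IntrusionException(context + ": invalid input");
        }
        return input;
    }

    // Before: every context path, including "" for ROOT, is validated with allowNull = false.
    static String contextPathBefore(String raw) {
        return getValidInput("HTTP context path", raw, CONTEXT_PATH, 150, false);
    }

    // After (assumed fix): ROOT yields "", any other path is still validated strictly.
    static String contextPathAfter(String raw) {
        if (raw == null || raw.trim().isEmpty()) return "";
        return getValidInput("HTTP context path", raw, CONTEXT_PATH, 150, false);
    }

    static String attempt(String label, String raw, boolean fixed) {
        try {
            String v = fixed ? contextPathAfter(raw) : contextPathBefore(raw);
            return label + " \"" + raw + "\" -> \"" + v + "\"";
        } catch (IntrusionException e) {
            return label + " \"" + raw + "\" -> IntrusionException (" + e.getMessage() + ")";
        }
    }

    public static void main(String[] args) {
        // Constructed sample inputs: ROOT context, a normal context, a path with disallowed characters.
        for (String raw : new String[] {"", "/shop", "/shop<b>"}) {
            System.out.println(attempt("before", raw, false));
            System.out.println(attempt("after ", raw, true));
        }
    }
}
```

Only the ROOT case changes between the two versions; the path containing disallowed characters is rejected in both, so the fix does not loosen validation for non-empty context paths.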