fusioncop owasp-esapi-java issues

fusioncop / owasp-esapi-java

Automatically exported from code.google.com/p/owasp-esapi-java

Other

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

BaseValidationRule.assertValid(String context, String input) causes NPE if input is not valid.

#195 GoogleCodeExporter opened 9 years ago
4
DefalutValidator.isValidSafeHTML() doesn't work

#194 GoogleCodeExporter opened 9 years ago
12
CipherTextSerializer.java - Assertions

#193 GoogleCodeExporter closed 9 years ago
1
Change the ".esapi" folder to "esapi"

#192 GoogleCodeExporter closed 9 years ago
2
getValidDirectoryPath needs to verify canonicalization better

#191 GoogleCodeExporter closed 9 years ago
1
DefaultHttpUtilities.sendRedirect should throw AccessControlException, not IOException

#190 GoogleCodeExporter opened 9 years ago
2
login() should not require POST method if user is found in session

#189 GoogleCodeExporter opened 9 years ago
0
UnInitialized esapi logging assumes logging to System.out/System.err - Make configurable/extensible

#188 GoogleCodeExporter opened 9 years ago
4
not able to encode/validate Windows style paths

#187 GoogleCodeExporter opened 9 years ago
1
Split ESAPI into Components

#186 GoogleCodeExporter opened 9 years ago
0
Unit test code for taglibs

#185 GoogleCodeExporter opened 9 years ago
1
Bug found in union() method of EncoderConstants class.

#184 GoogleCodeExporter closed 9 years ago
2
Add BoundedBufferedReader class to prevent readLine DoS

#183 GoogleCodeExporter opened 9 years ago
3
Sign and Seal ESAPI JAR

#182 GoogleCodeExporter opened 9 years ago
2
Develop SecurityManager class

#181 GoogleCodeExporter opened 9 years ago
3
Consider tamper resistant audit log

#180 GoogleCodeExporter opened 9 years ago
2
Storing encryption keys in a separate key vault

#179 GoogleCodeExporter opened 9 years ago
2
SecurityWrapperRequest seems to mishandle/swallow allowNull argument

#178 GoogleCodeExporter opened 9 years ago
3
Add new "audit" log level that ALWAYS get's logged

#177 GoogleCodeExporter closed 9 years ago
2
Please migrate the WAF to using the ESAPI logging mechanism

#176 GoogleCodeExporter closed 9 years ago
1
Please migrate the WAF to using the ESAPI logging mechanism

#175 GoogleCodeExporter closed 9 years ago
1
JSESSIONID is hard-coded in WAF files

#174 GoogleCodeExporter closed 9 years ago
4
AccessControlPolicy.xml configuration

#173 GoogleCodeExporter closed 9 years ago
1
Break up HTTPUtilities into several classes per SRP

#172 GoogleCodeExporter opened 9 years ago
3
Broken links to ESAPI-User mailinglist

#171 GoogleCodeExporter closed 9 years ago
3
Need major changes to configuration mechanism

#170 GoogleCodeExporter opened 9 years ago
5
Need a new filter for browser security response headers

#169 GoogleCodeExporter opened 9 years ago
7
SecurityWrapperRequest.getContextPath() throws IntrusionException when application is deployed at the ROOT path

#168 GoogleCodeExporter closed 9 years ago
2
XSS Filter for consideration

#167 GoogleCodeExporter closed 9 years ago
1
Rename .esapi directories and document changes

#166 GoogleCodeExporter closed 9 years ago
2
esapi-2.0_rc10-config.zip does not include esapi jar

#165 GoogleCodeExporter closed 9 years ago
2
Change .esapi property file folder to esapi

#164 GoogleCodeExporter closed 9 years ago
2
DOMConfigurator is being used inappropriately in the ESAPIWebApplicationFirewallFilter

#163 GoogleCodeExporter opened 9 years ago
3
AntiCSRF Tokens - JSP Tags

#162 GoogleCodeExporter opened 9 years ago
4
DefaultSecurityConfiguration.loadConfiguration() does not reload validation.properties

#161 GoogleCodeExporter closed 9 years ago
2
DefaultEncoder.canonicalize() should respect value of Encoder.AllowMultipleEncoding property

#160 GoogleCodeExporter closed 9 years ago
4
Cannot configure per-class or per-package log levels with Log4j Logger

#159 GoogleCodeExporter closed 9 years ago
2
ESAPI URL validation RX is vulnerable to DoS

#158 GoogleCodeExporter closed 9 years ago
7
Need a version of EncryptedProperties that extends java.util.Properties

#157 GoogleCodeExporter closed 9 years ago
6
Issues while validating locale specific characters.

#156 GoogleCodeExporter opened 9 years ago
5
org.owasp.esapi.filters.SecurityWrapperResponse.createCookieHeader does not respect HttpOnly and Secure properties in ESAPI.properties

#155 GoogleCodeExporter closed 9 years ago
3
New XML config and config management needed

#154 GoogleCodeExporter opened 9 years ago
6
Limit max size of entire cookies

#153 GoogleCodeExporter opened 9 years ago
3
DefaultEncoder not respecting IntrusionDetector.Disable=true in ESAPI.properties

#152 GoogleCodeExporter closed 9 years ago
2
HTTPParameterValue regular expression is too restriction

#151 GoogleCodeExporter closed 9 years ago
9
SecurityWrapperRequest.setAllowableContentRoot() protection evasion

#150 GoogleCodeExporter closed 9 years ago
3
org.owasp.esapi.filters.SecurityWrapperResponse cookie size limits

#149 GoogleCodeExporter closed 9 years ago
2
Exceptions in org/owasp/esapi/errors should mark logger as transient

#148 GoogleCodeExporter closed 9 years ago
2
minimum-config deployment fails

#147 GoogleCodeExporter opened 9 years ago
4
Executor tests fail for openjdk on linux

#146 GoogleCodeExporter closed 9 years ago
2

Previous Next