_assertValidInput in DefaultValidator should not use the same parameter to accept both the name of a regex defined in ESAPI.xml and an actual regex

[GoogleCodeExporter]

_assertValidInput first tries to load a regex from the 
DefaultSecurityConfiguration with the name specified by the 'type' parameter. 
If the 'type' parameter supplied is actually a regex (and not the name of a 
defined one) then  _getESAPIValidationExpression will print a message (via 
_logSpecial) because no regex with the supplied name exists.

I think that _assertValidInput should have separate parameters for a named 
regex and an actual regex and should probably throw an InvalidArgumentException 
if both are supplied.

Original issue reported on code.google.com by jahboite@gmail.com on 14 Jan 2011 at 4:27

[GoogleCodeExporter]

Original comment by jahboite@gmail.com on 14 Jan 2011 at 4:28

• Added labels: Type-Defect

[GoogleCodeExporter]

All these issues must be dealt with before 1.0. New issues will be on a case by 
case basis as to whether we hold up 1.0 or not. 

Original comment by vande...@gmail.com on 17 Jun 2011 at 3:36

• Added labels: Milestone-Release1.0