yaoyi2008 / owasp-esapi-php

Automatically exported from code.google.com/p/owasp-esapi-php
Other
0 stars 0 forks source link

DefaultSecurityConfiguration's getESAPIValidationExpression should check to see if expression found #18

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
It should be more graceful than throwing an exception when a validation
expression is not found.

Original issue reported on code.google.com by mike.bob...@gmail.com on 19 Oct 2009 at 5:16

GoogleCodeExporter commented 8 years ago
Mike,

I've looked at the code, and I think I know why it throws an exception - the 
value may not be set. I've beefed up 
the error checking, and now it returns false (which is not a valid regular 
expression).

Honestly, I think we SHOULD be throwing either a ValidationException or a 
EnterpriseSecurityException when we 
don't find any regular expressions, and possibly throw an exception when an 
expression is not found. 

Can you check to see if my changes (r129) resolve this issue.

Andrew

Original comment by vande...@gmail.com on 20 Oct 2009 at 11:44