#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2012
    Posts
    2
    Rep Power
    0

    ESAPI validator in CF9.


    Hi all
    Does anybody use the OWASP ESAPI in the CF9

    How to use the customized the validation.properties file for the my own application?

    Thanks
    Last edited by danlbn; October 5th, 2012 at 09:34 AM. Reason: missing word
  2. #2
  3. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,242
    Rep Power
    967
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Oct 2012
    Posts
    2
    Rep Power
    0

    CF9 uses OWASP ESAPI after installing the security hotfixes.


    CF9 uses it after istalling the security hotfixes. Some functions are already replaced by ESAPI functions like: encodeForHtml, encodeForJavaScript, encodeForHtmlAttribue etc... the antiSamy also but I'm interested by the validator
  6. #4
  7. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,242
    Rep Power
    967
    Huh, you're right. I had no idea. That said, I've never heard of anyone actually using this directly or specifying custom properties.

IMN logo majestic logo threadwatch logo seochat tools logo