ESAPI Project Users

1–30 of 71

Google group for discussion of those using ESAPI.

0 selected

May 29

There is another (ESAPI) system

I was aware of the "Enhanced Small Arms Protective Insert", but the "Enhanced System

unread,

There is another (ESAPI) system

I was aware of the "Enhanced Small Arms Protective Insert", but the "Enhanced System

May 29

Kevin W. Wall, Jeffrey Walton2

May 29

ESAPI 2.5.4.0 released

On Wed, May 29, 2024 at 10:56 PM Kevin W. Wall <kevin....@gmail.com> wrote: > > See

unread,

ESAPI 2.5.4.0 released

On Wed, May 29, 2024 at 10:56 PM Kevin W. Wall <kevin....@gmail.com> wrote: > > See

May 29

Feb 5

Before you panic - New AntiSamy release available

Release 1.7.5 of AntiSamy was released last Friday, 2/2/2024. It addresses CVE-2024-23635 which you

unread,

Before you panic - New AntiSamy release available

Release 1.7.5 of AntiSamy was released last Friday, 2/2/2024. It addresses CVE-2024-23635 which you

Feb 5

12/1/23

New ESAPI minor point / patch release issued - ESAPI 2.5.3.1

It's been less than a week, but Dave Wichers suggested logging the deprecated DefaultValidator.

unread,

New ESAPI minor point / patch release issued - ESAPI 2.5.3.1

It's been less than a week, but Dave Wichers suggested logging the deprecated DefaultValidator.

12/1/23

Kevin W. Wall, … David Karr6

11/29/23

ESAPI 2.5.3.0 released

Ah. The eclipse transformer plugin. Time to read some docs. On Wed, Nov 29, 2023, 13:30 Kevin W. Wall

unread,

ESAPI 2.5.3.0 released

Ah. The eclipse transformer plugin. Time to read some docs. On Wed, Nov 29, 2023, 13:30 Kevin W. Wall

11/29/23

11/23/23

ESAPI 2.5.3.0 status update - stuck on failing Dependency Check

Looks like lots of others are getting the same error: https://github.com/jeremylong/DependencyCheck/

unread,

ESAPI 2.5.3.0 status update - stuck on failing Dependency Check

Looks like lots of others are getting the same error: https://github.com/jeremylong/DependencyCheck/

11/23/23

11/10/23

Update on status of work on new ESAPI release to update to new AntiSamy 1.7.4 release

Should anyone care to look at the AntiSamy related tests that are now failing in ESAPI, I have

unread,

Update on status of work on new ESAPI release to update to new AntiSamy 1.7.4 release

Should anyone care to look at the AntiSamy related tests that are now failing in ESAPI, I have

11/10/23

Kevin W. Wall, Jeffrey Walton4

10/18/23

Working on new ESAPI release to update to new AntiSamy 1.7.4 release

An update: Good news: That one test bizarrely just started working when I re-cloned and then copied

unread,

Working on new ESAPI release to update to new AntiSamy 1.7.4 release

An update: Good news: That one test bizarrely just started working when I re-cloned and then copied

10/18/23

Jeffrey Walton, Kevin W. Wall2

8/2/23

ESAPI and spring framework?

I think that avgvstvs' advice in the SO link you referenced is good advice. The only thing that I

unread,

ESAPI and spring framework?

I think that avgvstvs' advice in the SO link you referenced is good advice. The only thing that I

8/2/23

Jeffrey Walton, … Kevin W. Wall6

8/2/23

ESAPI on a <textarea> displaying XML

On Saturday, July 29, 2023 at 11:18:30 AM UTC-4 Jeffrey Walton wrote: Hi Everyone, I'm having a

unread,

ESAPI on a <textarea> displaying XML

On Saturday, July 29, 2023 at 11:18:30 AM UTC-4 Jeffrey Walton wrote: Hi Everyone, I'm having a

8/2/23

Jeffrey Walton, Kevin W. Wall4

7/9/23

ESAPI.properties not readable?

If you want the "Dark and Silent" approach, add: -Dorg.owasp.esapi.logSpecial.discard=true

unread,

ESAPI.properties not readable?

If you want the "Dark and Silent" approach, add: -Dorg.owasp.esapi.logSpecial.discard=true

7/9/23

Jeffrey Walton, Kevin W. Wall7

7/7/23

Using ESAPI jar without a framework filesystem layouts, maven or IDEs

Also, compiling it (at least for this particular example) is the easy part. Collecting all the jars

unread,

Using ESAPI jar without a framework filesystem layouts, maven or IDEs

Also, compiling it (at least for this particular example) is the easy part. Collecting all the jars

7/7/23

Jeffrey Walton, … Matt Seil5

6/20/23

Special note regarding Spring Boot 3 ... in README

It's worth noting that invoking sed/awk/bash would remove the current ability to perform cross-

unread,

Special note regarding Spring Boot 3 ... in README

It's worth noting that invoking sed/awk/bash would remove the current ability to perform cross-

6/20/23

Jeffrey Walton, Kevin W. Wall3

5/31/23

ESAPI Javadocs and latest URL

On Wed, May 31, 2023 at 12:06 PM Kevin W. Wall <kevin....@gmail.com> wrote: > > I

unread,

ESAPI Javadocs and latest URL

On Wed, May 31, 2023 at 12:06 PM Kevin W. Wall <kevin....@gmail.com> wrote: > > I

5/31/23

Jeffrey Walton, … Matt Seil3

5/27/23

Using the encoder to avoid false positive

There's confusion here. You canonicalize to make a string safe for comparisons and encode when

unread,

Using the encoder to avoid false positive

There's confusion here. You canonicalize to make a string safe for comparisons and encode when

5/27/23

4/13/23

New ESAPI release 2.5.2.0 addresses 2 CVEs in transitive dependencies

See https://github.com/ESAPI/esapi-java-legacy/discussions/785 and feel free to continue the

unread,

New ESAPI release 2.5.2.0 addresses 2 CVEs in transitive dependencies

See https://github.com/ESAPI/esapi-java-legacy/discussions/785 and feel free to continue the

4/13/23

4/5/23

CVE-2023-24998 and why the ESAPI 2.5.2.0 release is momentarily delayed

Please read https://github.com/ESAPI/esapi-java-legacy/discussions/782 If you have questions, it is

unread,

CVE-2023-24998 and why the ESAPI 2.5.2.0 release is momentarily delayed

Please read https://github.com/ESAPI/esapi-java-legacy/discussions/782 If you have questions, it is

4/5/23

3/27/23

New ESAPI release this weekend looking much less likely

Well, got past the power outage situation (although there were several "outages" caused by

unread,

New ESAPI release this weekend looking much less likely

Well, got past the power outage situation (although there were several "outages" caused by

3/27/23

tech burgher, … Kevin W. Wall4

3/25/23

org.opensaml.ESAPISecurityConfig.getBooleanProp exception?

Okay, thanks for that update. I guess the OpenSAML folks are not ones who care about all the

unread,

org.opensaml.ESAPISecurityConfig.getBooleanProp exception?

Okay, thanks for that update. I guess the OpenSAML folks are not ones who care about all the

3/25/23

Eyal Kalimi, Kevin W. Wall2

3/22/23

esapi next release?

On Wed, Mar 22, 2023 at 11:15 AM Eyal Kalimi <naz...@gmail.com> wrote: Hi, We are using esapi

unread,

esapi next release?

On Wed, Mar 22, 2023 at 11:15 AM Eyal Kalimi <naz...@gmail.com> wrote: Hi, We are using esapi

3/22/23

1/12/23

Discussion about ESAPI supporting jakarta.servlet-api

You might be interested in joining the discussion at https://github.com/ESAPI/esapi-java-legacy/

unread,

Discussion about ESAPI supporting jakarta.servlet-api

You might be interested in joining the discussion at https://github.com/ESAPI/esapi-java-legacy/

1/12/23

Kevin W. Wall, Jeffrey Walton2

11/27/22

New ESAPI 2.5.1.0 release is now available for download

On Sun, Nov 27, 2022 at 6:24 PM Kevin W. Wall <kevin....@gmail.com> wrote: > > See

unread,

New ESAPI 2.5.1.0 release is now available for download

On Sun, Nov 27, 2022 at 6:24 PM Kevin W. Wall <kevin....@gmail.com> wrote: > > See

11/27/22

Jeffrey Walton, Kevin W. Wall3

8/22/22

Random GUIDs and UUID, and Randomizer.java

@Jeff Walton and others: Please check out https://github.com/ESAPI/esapi-java-legacy/issues/737 and

unread,

Random GUIDs and UUID, and Randomizer.java

@Jeff Walton and others: Please check out https://github.com/ESAPI/esapi-java-legacy/issues/737 and

8/22/22

Stephen Johns, Kevin W. Wall5

8/22/22

Having configurationException issue moving to 2.5.0.0

You are welcome. We had a volunteer step up and make the requested change to clarify the exception

unread,

Having configurationException issue moving to 2.5.0.0

You are welcome. We had a volunteer step up and make the requested change to clarify the exception

8/22/22

Jothybasu Selvaraj, … Matt Seil3

8/8/22

Post processing structures

FWIW I don't know what that means either. On 7/31/2022 9:08 PM, Kevin W. Wall wrote: On Sun, Jul

unread,

Post processing structures

FWIW I don't know what that means either. On 7/31/2022 9:08 PM, Kevin W. Wall wrote: On Sun, Jul

8/8/22

David Karr, … Matt Seil7

7/26/22

Issues with servlet filter to prevent XSS

One more thing... it's important to add that the general idea is that you want to have a logical

unread,

Issues with servlet filter to prevent XSS

One more thing... it's important to add that the general idea is that you want to have a logical

7/26/22

Jeffrey Walton, Kevin W. Wall3

7/21/22

snyk-fix-0593ddb7 branches?

On Thu, Jul 21, 2022 at 10:42 AM Kevin W. Wall <kevin....@gmail.com> wrote: > > Snyk

unread,

snyk-fix-0593ddb7 branches?

On Thu, Jul 21, 2022 at 10:42 AM Kevin W. Wall <kevin....@gmail.com> wrote: > > Snyk

7/21/22

7/20/22

ESAPI 2.5.0.0 announcement

It's official and the 'develop' branch should now be properly updated as well as '

unread,

ESAPI 2.5.0.0 announcement

It's official and the 'develop' branch should now be properly updated as well as '

7/20/22

7/18/22

JSON codec discussion on esapi-github

Hi Everyone, There's a discussion/pull request for a JSON codec at https://github.com/ESAPI/esapi

unread,

JSON codec discussion on esapi-github

Hi Everyone, There's a discussion/pull request for a JSON codec at https://github.com/ESAPI/esapi

7/18/22

7/11/22

Oracle codec updates discussion at test-github-discussions

Hi Everyone/Kevin, There's a discussion on Oracle codec updates at https://github.com/ESAPI/test-

unread,

Oracle codec updates discussion at test-github-discussions

Hi Everyone/Kevin, There's a discussion on Oracle codec updates at https://github.com/ESAPI/test-

7/11/22

Search

Clear search

Close search

Google apps

Main menu