Package | Description |
---|---|
org.owasp.esapi |
The ESAPI interfaces and
Exception classes model the most
important security functions to enterprise web applications. |
org.owasp.esapi.reference |
This package contains reference implementations of the ESAPI interfaces.
|
org.owasp.esapi.reference.validation |
This package contains data format-specific validation rule functions.
|
Modifier and Type | Method and Description |
---|---|
void |
Validator.assertValidFileUpload(String context,
String filepath,
String filename,
File parent,
byte[] content,
int maxBytes,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidFileUpload with the supplied errorList to capture ValidationExceptions
|
void |
Validator.assertValidHTTPRequestParameterSet(String context,
javax.servlet.http.HttpServletRequest request,
Set<String> required,
Set<String> optional,
ValidationErrorList errorList)
Calls getValidHTTPRequestParameterSet with the supplied errorList to capture ValidationExceptions
|
Object |
ValidationRule.getValid(String context,
String input,
ValidationErrorList errorList)
Get a validated value, add the errors to an existing error list
|
String |
Validator.getValidCreditCard(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidCreditCard with the supplied errorList to capture ValidationExceptions
|
Date |
Validator.getValidDate(String context,
String input,
DateFormat format,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidDate with the supplied errorList to capture ValidationExceptions
|
String |
Validator.getValidDirectoryPath(String context,
String input,
File parent,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidDirectoryPath with the supplied errorList to capture ValidationExceptions
|
Double |
Validator.getValidDouble(String context,
String input,
double minValue,
double maxValue,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidDouble with the supplied errorList to capture ValidationExceptions
|
byte[] |
Validator.getValidFileContent(String context,
byte[] input,
int maxBytes,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidFileContent with the supplied errorList to capture ValidationExceptions
|
String |
Validator.getValidFileName(String context,
String input,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidFileName with the supplied errorList to capture ValidationExceptions
|
String |
Validator.getValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
boolean canonicalize,
ValidationErrorList errorList)
Calls getValidInput with the supplied errorList to capture ValidationExceptions
|
String |
Validator.getValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidInput with the supplied errorList to capture ValidationExceptions
|
Integer |
Validator.getValidInteger(String context,
String input,
int minValue,
int maxValue,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidInteger with the supplied errorList to capture ValidationExceptions
|
String |
Validator.getValidListItem(String context,
String input,
List<String> list,
ValidationErrorList errorList)
Calls getValidListItem with the supplied errorList to capture ValidationExceptions
|
Double |
Validator.getValidNumber(String context,
String input,
long minValue,
long maxValue,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidSafeHTML with the supplied errorList to capture ValidationExceptions
|
char[] |
Validator.getValidPrintable(String context,
char[] input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidPrintable with the supplied errorList to capture ValidationExceptions
|
String |
Validator.getValidPrintable(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidPrintable with the supplied errorList to capture ValidationExceptions
|
String |
Validator.getValidRedirectLocation(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidRedirectLocation with the supplied errorList to capture ValidationExceptions
|
String |
Validator.getValidSafeHTML(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidSafeHTML with the supplied errorList to capture ValidationExceptions
|
boolean |
Validator.isValidCreditCard(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidCreditCard and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidDate(String context,
String input,
DateFormat format,
boolean allowNull,
ValidationErrorList errorList)
Calls isValidDate and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidDirectoryPath(String context,
String input,
File parent,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidDirectoryPath and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidDouble(String context,
String input,
double minValue,
double maxValue,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidDouble and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidFileContent(String context,
byte[] input,
int maxBytes,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidFileContent and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidFileName(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidFileName with the default list of allowedExtensions
|
boolean |
Validator.isValidFileName(String context,
String input,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidFileName and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidFileUpload(String context,
String filepath,
String filename,
File parent,
byte[] content,
int maxBytes,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidFileUpload and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidHTTPRequestParameterSet(String context,
javax.servlet.http.HttpServletRequest request,
Set<String> required,
Set<String> optional,
ValidationErrorList errorList)
Calls assertValidHTTPRequestParameterSet and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
boolean canonicalize,
ValidationErrorList errorList)
Calls isValidInput and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Calls isValidInput and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidInteger(String context,
String input,
int minValue,
int maxValue,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidInteger and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidListItem(String context,
String input,
List<String> list,
ValidationErrorList errorList)
Calls getValidListItem and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidNumber(String context,
String input,
long minValue,
long maxValue,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidNumber and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidPrintable(String context,
char[] input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidPrintable and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidPrintable(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidPrintable and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidRedirectLocation(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidRedirectLocation and returns true if no exceptions are thrown.
|
boolean |
Validator.isValidSafeHTML(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Calls getValidSafeHTML and returns true if no exceptions are thrown.
|
Modifier and Type | Method and Description |
---|---|
void |
DefaultValidator.assertValidFileUpload(String context,
String filepath,
String filename,
File parent,
byte[] content,
int maxBytes,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errors)
Calls getValidFileUpload with the supplied errorList to capture ValidationExceptions
|
void |
DefaultValidator.assertValidHTTPRequestParameterSet(String context,
javax.servlet.http.HttpServletRequest request,
Set<String> required,
Set<String> optional,
ValidationErrorList errors)
ValidationErrorList variant of assertIsValidHTTPRequestParameterSet
Uses current HTTPRequest saved in ESAPI Authenticator
|
String |
DefaultValidator.getValidCreditCard(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
Calls getValidCreditCard with the supplied errorList to capture ValidationExceptions
|
Date |
DefaultValidator.getValidDate(String context,
String input,
DateFormat format,
boolean allowNull,
ValidationErrorList errors)
Calls getValidDate with the supplied errorList to capture ValidationExceptions
|
String |
DefaultValidator.getValidDirectoryPath(String context,
String input,
File parent,
boolean allowNull,
ValidationErrorList errors)
Calls getValidDirectoryPath with the supplied errorList to capture ValidationExceptions
|
Double |
DefaultValidator.getValidDouble(String context,
String input,
double minValue,
double maxValue,
boolean allowNull,
ValidationErrorList errors)
Calls getValidDouble with the supplied errorList to capture ValidationExceptions
|
byte[] |
DefaultValidator.getValidFileContent(String context,
byte[] input,
int maxBytes,
boolean allowNull,
ValidationErrorList errors)
Calls getValidFileContent with the supplied errorList to capture ValidationExceptions
|
String |
DefaultValidator.getValidFileName(String context,
String input,
List<String> allowedParameters,
boolean allowNull,
ValidationErrorList errors)
Calls getValidFileName with the supplied errorList to capture ValidationExceptions
|
String |
DefaultValidator.getValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
boolean canonicalize,
ValidationErrorList errors)
Validates data received from the browser and returns a safe version.
|
String |
DefaultValidator.getValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Validates data received from the browser and returns a safe version.
|
Integer |
DefaultValidator.getValidInteger(String context,
String input,
int minValue,
int maxValue,
boolean allowNull,
ValidationErrorList errors)
Calls getValidInteger with the supplied errorList to capture ValidationExceptions
|
String |
DefaultValidator.getValidListItem(String context,
String input,
List<String> list,
ValidationErrorList errors)
ValidationErrorList variant of getValidListItem
|
Double |
DefaultValidator.getValidNumber(String context,
String input,
long minValue,
long maxValue,
boolean allowNull,
ValidationErrorList errors)
Calls getValidSafeHTML with the supplied errorList to capture ValidationExceptions
|
char[] |
DefaultValidator.getValidPrintable(String context,
char[] input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
ValidationErrorList variant of getValidPrintable
|
String |
DefaultValidator.getValidPrintable(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
ValidationErrorList variant of getValidPrintable
|
String |
DefaultValidator.getValidRedirectLocation(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
ValidationErrorList variant of getValidRedirectLocation
|
String |
DefaultValidator.getValidSafeHTML(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Calls getValidSafeHTML with the supplied errorList to capture ValidationExceptions
|
boolean |
DefaultValidator.isValidCreditCard(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
Calls getValidCreditCard and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidDate(String context,
String input,
DateFormat format,
boolean allowNull,
ValidationErrorList errors)
Calls isValidDate and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidDirectoryPath(String context,
String input,
File parent,
boolean allowNull,
ValidationErrorList errors)
Calls getValidDirectoryPath and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidDouble(String context,
String input,
double minValue,
double maxValue,
boolean allowNull,
ValidationErrorList errors)
Calls getValidDouble and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidFileContent(String context,
byte[] input,
int maxBytes,
boolean allowNull,
ValidationErrorList errors)
Calls getValidFileContent and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidFileName(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
Calls getValidFileName with the default list of allowedExtensions
|
boolean |
DefaultValidator.isValidFileName(String context,
String input,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errors)
Calls getValidFileName and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidFileUpload(String context,
String directorypath,
String filename,
File parent,
byte[] content,
int maxBytes,
boolean allowNull,
ValidationErrorList errors)
Calls getValidFileUpload and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidHTTPRequestParameterSet(String context,
javax.servlet.http.HttpServletRequest request,
Set<String> requiredNames,
Set<String> optionalNames,
ValidationErrorList errors)
Calls assertValidHTTPRequestParameterSet and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
boolean canonicalize,
ValidationErrorList errors) |
boolean |
DefaultValidator.isValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
ValidationErrorList errors) |
boolean |
DefaultValidator.isValidInteger(String context,
String input,
int minValue,
int maxValue,
boolean allowNull,
ValidationErrorList errors)
Calls getValidInteger and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidListItem(String context,
String input,
List<String> list,
ValidationErrorList errors)
Calls getValidListItem and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidNumber(String context,
String input,
long minValue,
long maxValue,
boolean allowNull,
ValidationErrorList errors)
Calls getValidNumber and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidPrintable(String context,
char[] input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Calls getValidPrintable and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidPrintable(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Calls getValidPrintable and returns true if no exceptions are thrown.
|
boolean |
DefaultValidator.isValidRedirectLocation(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
Returns true if input is a valid redirect location.
|
boolean |
DefaultValidator.isValidSafeHTML(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Calls getValidSafeHTML and returns true if no exceptions are thrown.
|
Modifier and Type | Method and Description |
---|---|
Object |
BaseValidationRule.getValid(String context,
String input,
ValidationErrorList errorList)
Get a validated value, add the errors to an existing error list
|
Date |
DateValidationRule.sanitize(String context,
String input,
ValidationErrorList errorList)
Same as sanitize(String, String) except it returns any ValidationException generated in the provided errorList.
|
Copyright © 2022 The Open Web Application Security Project (OWASP). All rights reserved.