Package | Description |
---|---|
org.owasp.esapi |
The ESAPI interfaces and
Exception classes model the most
important security functions to enterprise web applications. |
org.owasp.esapi.reference |
This package contains reference implementations of the ESAPI interfaces.
|
org.owasp.esapi.reference.validation |
This package contains data format-specific validation rule functions.
|
Modifier and Type | Method and Description |
---|---|
void |
Validator.assertValidFileUpload(String context,
String filepath,
String filename,
File parent,
byte[] content,
int maxBytes,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errorList)
Validates the
filepath , filename , and content of a file,
any validation exceptions are added to the supplied errorList . |
void |
Validator.assertValidHTTPRequestParameterSet(String context,
javax.servlet.http.HttpServletRequest request,
Set<String> required,
Set<String> optional,
ValidationErrorList errorList)
Validates that the parameters in the current request contain all required parameters
and only optional ones in addition,
any validation exceptions are added to the supplied
errorList . |
Object |
ValidationRule.getValid(String context,
String input,
ValidationErrorList errorList)
Get a validated value, add the errors to an existing error list
|
String |
Validator.getValidCreditCard(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Returns a canonicalized and validated credit card number as a String,
any validation exceptions are added to the supplied
errorList . |
Date |
Validator.getValidDate(String context,
String input,
DateFormat format,
boolean allowNull,
ValidationErrorList errorList)
Returns a valid date as a
Date ,
any validation exceptions are added to the supplied errorList . |
String |
Validator.getValidDirectoryPath(String context,
String input,
File parent,
boolean allowNull,
ValidationErrorList errorList)
Returns a canonicalized and validated directory path as a String, provided that the input
maps to an existing directory that is an existing subdirectory (at any level) of the specified parent;
any validation exceptions are added to the supplied
errorList . |
Double |
Validator.getValidDouble(String context,
String input,
double minValue,
double maxValue,
boolean allowNull,
ValidationErrorList errorList)
Returns a validated real number as a double,
any validation exceptions are added to the supplied
errorList . |
byte[] |
Validator.getValidFileContent(String context,
byte[] input,
int maxBytes,
boolean allowNull,
ValidationErrorList errorList)
Returns validated file content as a byte array,
any validation exceptions are added to the supplied
errorList . |
String |
Validator.getValidFileName(String context,
String input,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errorList)
Returns a canonicalized and validated file name as a String,
any validation exceptions are added to the supplied
errorList . |
String |
Validator.getValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
boolean canonicalize,
ValidationErrorList errorList)
Returns validated
input as a String with optional canonicalization,
and adds validation exceptions to the supplied errorList . |
String |
Validator.getValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Returns canonicalized validated
input as a String,
and adds validation exceptions to the supplied errorList . |
Integer |
Validator.getValidInteger(String context,
String input,
int minValue,
int maxValue,
boolean allowNull,
ValidationErrorList errorList)
Returns a validated integer,
any validation exceptions are added to the supplied
errorList . |
String |
Validator.getValidListItem(String context,
String input,
List<String> list,
ValidationErrorList errorList)
Returns the list item that exactly matches the canonicalized input,
any validation exceptions are added to the supplied
errorList . |
Double |
Validator.getValidNumber(String context,
String input,
long minValue,
long maxValue,
boolean allowNull,
ValidationErrorList errorList)
Returns a validated number as a double within the range of minValue to maxValue,
any validation exceptions are added to the supplied
errorList . |
char[] |
Validator.getValidPrintable(String context,
char[] input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Returns canonicalized and validated printable characters as a byte array,
any validation exceptions are added to the supplied
errorList . |
String |
Validator.getValidPrintable(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Returns canonicalized and validated printable characters as a String,
any validation exceptions are added to the supplied
errorList . |
String |
Validator.getValidRedirectLocation(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Returns a canonicalized and validated redirect location as a String,
any validation exceptions are added to the supplied
errorList . |
String |
Validator.getValidSafeHTML(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Returns canonicalized and validated "safe" HTML that does not contain unwanted scripts in the body, attributes, CSS, URLs, or anywhere else,
any validation exceptions are added to the supplied
errorList . |
boolean |
Validator.isValidCreditCard(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input matches the pattern for a valid credit card number,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidDate(String context,
String input,
DateFormat format,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidDirectoryPath(String context,
String input,
File parent,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidDouble(String context,
String input,
double minValue,
double maxValue,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidFileContent(String context,
byte[] input,
int maxBytes,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidFileName(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidFileName(String context,
String input,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidFileUpload(String context,
String filepath,
String filename,
File parent,
byte[] content,
int maxBytes,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
filepath , filename , and content of a file are valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidHTTPRequestParameterSet(String context,
javax.servlet.http.HttpServletRequest request,
Set<String> required,
Set<String> optional,
ValidationErrorList errorList)
Returns true if only required and optional parameters are in the request,
any validation exceptions are added to the supplied
errorList . |
boolean |
Validator.isValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
boolean canonicalize,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Returns true if canonicalized input is valid,
any validation exceptions are added to the supplied
errorList . |
boolean |
Validator.isValidInteger(String context,
String input,
int minValue,
int maxValue,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is a valid integer between minValue and maxValue inclusive,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidListItem(String context,
String input,
List<String> list,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidNumber(String context,
String input,
long minValue,
long maxValue,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidPrintable(String context,
char[] input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidPrintable(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidRedirectLocation(String context,
String input,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
Validator.isValidSafeHTML(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errorList)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
Modifier and Type | Method and Description |
---|---|
void |
DefaultValidator.assertValidFileUpload(String context,
String filepath,
String filename,
File parent,
byte[] content,
int maxBytes,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errors)
Validates the
filepath , filename , and content of a file,
any validation exceptions are added to the supplied errorList . |
void |
DefaultValidator.assertValidHTTPRequestParameterSet(String context,
javax.servlet.http.HttpServletRequest request,
Set<String> required,
Set<String> optional,
ValidationErrorList errors)
Validates that the parameters in the current request contain all required parameters
and only optional ones in addition,
any validation exceptions are added to the supplied
errorList . |
String |
DefaultValidator.getValidCreditCard(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
Returns a canonicalized and validated credit card number as a String,
any validation exceptions are added to the supplied
errorList . |
Date |
DefaultValidator.getValidDate(String context,
String input,
DateFormat format,
boolean allowNull,
ValidationErrorList errors)
Returns a valid date as a
Date ,
any validation exceptions are added to the supplied errorList . |
String |
DefaultValidator.getValidDirectoryPath(String context,
String input,
File parent,
boolean allowNull,
ValidationErrorList errors)
Returns a canonicalized and validated directory path as a String, provided that the input
maps to an existing directory that is an existing subdirectory (at any level) of the specified parent;
any validation exceptions are added to the supplied
errorList . |
Double |
DefaultValidator.getValidDouble(String context,
String input,
double minValue,
double maxValue,
boolean allowNull,
ValidationErrorList errors)
Returns a validated real number as a double,
any validation exceptions are added to the supplied
errorList . |
byte[] |
DefaultValidator.getValidFileContent(String context,
byte[] input,
int maxBytes,
boolean allowNull,
ValidationErrorList errors)
Returns validated file content as a byte array,
any validation exceptions are added to the supplied
errorList . |
String |
DefaultValidator.getValidFileName(String context,
String input,
List<String> allowedParameters,
boolean allowNull,
ValidationErrorList errors)
Returns a canonicalized and validated file name as a String,
any validation exceptions are added to the supplied
errorList . |
String |
DefaultValidator.getValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
boolean canonicalize,
ValidationErrorList errors)
Returns validated
input as a String with optional canonicalization,
and adds validation exceptions to the supplied errorList . |
String |
DefaultValidator.getValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Returns canonicalized validated
input as a String,
and adds validation exceptions to the supplied errorList . |
Integer |
DefaultValidator.getValidInteger(String context,
String input,
int minValue,
int maxValue,
boolean allowNull,
ValidationErrorList errors)
Returns a validated integer,
any validation exceptions are added to the supplied
errorList . |
String |
DefaultValidator.getValidListItem(String context,
String input,
List<String> list,
ValidationErrorList errors)
Returns the list item that exactly matches the canonicalized input,
any validation exceptions are added to the supplied
errorList . |
Double |
DefaultValidator.getValidNumber(String context,
String input,
long minValue,
long maxValue,
boolean allowNull,
ValidationErrorList errors)
Returns a validated number as a double within the range of minValue to maxValue,
any validation exceptions are added to the supplied
errorList . |
char[] |
DefaultValidator.getValidPrintable(String context,
char[] input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Returns canonicalized and validated printable characters as a byte array,
any validation exceptions are added to the supplied
errorList . |
String |
DefaultValidator.getValidPrintable(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Returns canonicalized and validated printable characters as a String,
any validation exceptions are added to the supplied
errorList . |
String |
DefaultValidator.getValidRedirectLocation(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
Returns a canonicalized and validated redirect location as a String,
any validation exceptions are added to the supplied
errorList . |
String |
DefaultValidator.getValidSafeHTML(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Returns canonicalized and validated "safe" HTML that does not contain unwanted scripts in the body, attributes, CSS, URLs, or anywhere else,
any validation exceptions are added to the supplied
errorList . |
boolean |
DefaultValidator.isValidCreditCard(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input matches the pattern for a valid credit card number,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidDate(String context,
String input,
DateFormat format,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidDirectoryPath(String context,
String input,
File parent,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidDouble(String context,
String input,
double minValue,
double maxValue,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidFileContent(String context,
byte[] input,
int maxBytes,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidFileName(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidFileName(String context,
String input,
List<String> allowedExtensions,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidFileUpload(String context,
String directorypath,
String filename,
File parent,
byte[] content,
int maxBytes,
boolean allowNull,
ValidationErrorList errors)
Returns true if
filepath , filename , and content of a file are valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidHTTPRequestParameterSet(String context,
javax.servlet.http.HttpServletRequest request,
Set<String> requiredNames,
Set<String> optionalNames,
ValidationErrorList errors)
Returns true if only required and optional parameters are in the request,
any validation exceptions are added to the supplied
errorList . |
boolean |
DefaultValidator.isValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
boolean canonicalize,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidInput(String context,
String input,
String type,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Returns true if canonicalized input is valid,
any validation exceptions are added to the supplied
errorList . |
boolean |
DefaultValidator.isValidInteger(String context,
String input,
int minValue,
int maxValue,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is a valid integer between minValue and maxValue inclusive,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidListItem(String context,
String input,
List<String> list,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidNumber(String context,
String input,
long minValue,
long maxValue,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidPrintable(String context,
char[] input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidPrintable(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidRedirectLocation(String context,
String input,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
boolean |
DefaultValidator.isValidSafeHTML(String context,
String input,
int maxLength,
boolean allowNull,
ValidationErrorList errors)
Returns true if
input is valid,
any validation exceptions are added to the supplied errorList . |
Modifier and Type | Method and Description |
---|---|
Object |
BaseValidationRule.getValid(String context,
String input,
ValidationErrorList errorList)
Get a validated value, add the errors to an existing error list
|
Date |
DateValidationRule.sanitize(String context,
String input,
ValidationErrorList errorList)
Same as sanitize(String, String) except it returns any ValidationException generated in the provided errorList.
|
Copyright © 2022 The Open Web Application Security Project (OWASP). All rights reserved.