Reputation: 53
I am applying the ESAPI security filter to my application, and I am enabling/disabling this security filter using a property from the conf.properties file. It works fine when it is disabled, but I am not able to access my application when it is enabled. Here is my piece of code:
    if (this.owaspSecurityEnabled) {
        // this is necessary on every call
        ESAPI.httpUtilities().setCurrentHTTP(servletRequest, servletResponse);
        // doFilter by wrapping the request and the response to the
        // ESAPI safe HttpServletRequest and HttpServletResponse
        request = new SecurityWrapperRequest(servletRequest);
        response = new SecurityWrapperResponse(servletResponse);
    }
I have debugged the issue but could not solve it. I am getting request.getPathInfo() as "" when it is enabled, and it returns the path when it is disabled.
How can I solve this issue? Please help me. Thanks in advance.
Upvotes: 0
Views: 583
Reputation: 53
Found the solution to my problem. It is with the regular expression in the ESAPI.properties file:
"Validator.HTTPPath=^[a-zA-Z0-9.\\-_]*$" changed to "Validator.HTTPPath=^[a-zA-Z0-9.\\-_\/]*$"
Thanks..
Upvotes: 1
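The effect of the two rule lines quoted in the answer can be reproduced with the JDK alone. This is an added example, not part of the original posts and not ESAPI's own code: the class `HttpPathRuleDemo`, the helpers `loadRule` and `wrappedPathInfo`, and the sample paths are constructed for illustration, and `wrappedPathInfo` is a simplified stand-in (an assumption) for the behaviour reported in the question, where a path that fails the rule comes back as "".

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.Properties;
import java.util.regex.Pattern;

public class HttpPathRuleDemo {

    // Load one properties line the way java.util.Properties does, so the
    // backslash escapes are resolved exactly as they would be for a real file.
    static Pattern loadRule(String propertiesLine) throws IOException {
        Properties p = new Properties();
        p.load(new StringReader(propertiesLine));
        return Pattern.compile(p.getProperty("Validator.HTTPPath"));
    }

    // Simplified stand-in (assumption) for the wrapper behaviour reported in
    // the question: a path that fails the rule comes back as "".
    static String wrappedPathInfo(String rawPath, Pattern rule) {
        if (rawPath == null) return null;
        return rule.matcher(rawPath).matches() ? rawPath : "";
    }

    public static void main(String[] args) throws IOException {
        // The two rule lines quoted in the answer, escaped for a Java literal.
        Pattern before = loadRule("Validator.HTTPPath=^[a-zA-Z0-9.\\\\-_]*$");
        Pattern after  = loadRule("Validator.HTTPPath=^[a-zA-Z0-9.\\\\-_\\/]*$");
        System.out.println("before: " + before.pattern());
        System.out.println("after : " + after.pattern());

        // Constructed sample paths, not taken from the original application.
        String[] paths = { "/users/42", "/reports/2024-01.pdf", "/my report", "/../conf" };
        for (String path : paths) {
            System.out.printf("%-22s before=\"%s\" after=\"%s\"%n", path,
                    wrappedPathInfo(path, before), wrappedPathInfo(path, after));
        }
        // "/my report" is still rejected after the change (space is not in the
        // class), while "/../conf" passes: the rule is a character allowlist
        // and does not normalise dot segments.
    }
}
```

With the first rule every path containing `/` comes back empty, which matches the symptom in the question. With the second rule only paths made entirely of the listed characters pass, so canonicalising the path remains a separate step.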