org.owasp.esapi

Interface Validator

All Known Implementing Classes:

DefaultValidator

public interface Validator

The Validator interface defines a set of methods for canonicalizing and validating untrusted input. Implementors should feel free to extend this interface to accommodate their own data formats. Rather than throw exceptions, this interface returns boolean results because not all validation problems are security issues. Boolean returns allow developers to handle both valid and invalid results more cleanly than exceptions.

Implementations must adopt a "allow-list" approach to validation where a specific pattern or character set is matched. "Blacklist" approaches that attempt to identify the invalid or disallowed characters are much more likely to allow a bypass with encoding or other tricks.

CAUTION: There are many methods that take multiple (or only!) String arguments. Be careful that you do not mix up the order of these, because for some methods such as isValidSafeHTML if you were to confuse the order of context and input arguments, you would not be verifying what you thought you were and it could have serious security consequences as a result. When there are 2 these String parameters—context and input arguments—the * context argument is always first. See the individual method documentation for additional details.

Since:

June 1, 2007

Author:

Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security

Method Summary

Modifier and Type	Method and Description
void	addRule(ValidationRule rule) Add a validation rule to the registry using the "type name" of the rule as the key.
void	assertValidFileUpload(String context, String filepath, String filename, File parent, byte[] content, int maxBytes, List<String> allowedExtensions, boolean allowNull) Validates the filepath, filename, and content of a file.
void	assertValidFileUpload(String context, String filepath, String filename, File parent, byte[] content, int maxBytes, List<String> allowedExtensions, boolean allowNull, ValidationErrorList errorList) Validates the filepath, filename, and content of a file, any validation exceptions are added to the supplied errorList.
void	assertValidHTTPRequestParameterSet(String context, javax.servlet.http.HttpServletRequest request, Set<String> required, Set<String> optional) Validates that the parameters in the current request contain all required parameters and only optional ones in addition.
void	assertValidHTTPRequestParameterSet(String context, javax.servlet.http.HttpServletRequest request, Set<String> required, Set<String> optional, ValidationErrorList errorList) Validates that the parameters in the current request contain all required parameters and only optional ones in addition, any validation exceptions are added to the supplied errorList.
URI	getRfcCompliantURI(String input) Will return a URI object that will represent a fully parsed and legal URI as specified in RFC-3986.
ValidationRule	getRule(String name) Get a validation rule from the registry with the "type name" of the rule as the key.
String	getValidCreditCard(String context, String input, boolean allowNull) Returns a canonicalized and validated credit card number as a String.
String	getValidCreditCard(String context, String input, boolean allowNull, ValidationErrorList errorList) Returns a canonicalized and validated credit card number as a String, any validation exceptions are added to the supplied errorList.
Date	getValidDate(String context, String input, DateFormat format, boolean allowNull) Returns a valid date as a Date.
Date	getValidDate(String context, String input, DateFormat format, boolean allowNull, ValidationErrorList errorList) Returns a valid date as a Date, any validation exceptions are added to the supplied errorList.
String	getValidDirectoryPath(String context, String input, File parent, boolean allowNull) Returns a canonicalized and validated directory path as a String, provided that the input maps to an existing directory that is an existing subdirectory (at any level) of the specified parent.
String	getValidDirectoryPath(String context, String input, File parent, boolean allowNull, ValidationErrorList errorList) Returns a canonicalized and validated directory path as a String, provided that the input maps to an existing directory that is an existing subdirectory (at any level) of the specified parent; any validation exceptions are added to the supplied errorList.
Double	getValidDouble(String context, String input, double minValue, double maxValue, boolean allowNull) Returns a validated real number as a double.
Double	getValidDouble(String context, String input, double minValue, double maxValue, boolean allowNull, ValidationErrorList errorList) Returns a validated real number as a double, any validation exceptions are added to the supplied errorList.
byte[]	getValidFileContent(String context, byte[] input, int maxBytes, boolean allowNull) Returns validated file content as a byte array.
byte[]	getValidFileContent(String context, byte[] input, int maxBytes, boolean allowNull, ValidationErrorList errorList) Returns validated file content as a byte array, any validation exceptions are added to the supplied errorList.
String	getValidFileName(String context, String input, List<String> allowedExtensions, boolean allowNull) Returns a canonicalized and validated file name as a String.
String	getValidFileName(String context, String input, List<String> allowedExtensions, boolean allowNull, ValidationErrorList errorList) Returns a canonicalized and validated file name as a String, any validation exceptions are added to the supplied errorList.
String	getValidInput(String context, String input, String type, int maxLength, boolean allowNull) Returns the validated, canonicalized input as a String.
String	getValidInput(String context, String input, String type, int maxLength, boolean allowNull, boolean canonicalize) Returns validated input as a String with optional canonicalization.
String	getValidInput(String context, String input, String type, int maxLength, boolean allowNull, boolean canonicalize, ValidationErrorList errorList) Returns validated input as a String with optional canonicalization, and adds validation exceptions to the supplied errorList.
String	getValidInput(String context, String input, String type, int maxLength, boolean allowNull, ValidationErrorList errorList) Returns canonicalized validated input as a String, and adds validation exceptions to the supplied errorList.
Integer	getValidInteger(String context, String input, int minValue, int maxValue, boolean allowNull) Returns a validated integer, input is a valid integer if it is between minValue and maxValue inclusive.
Integer	getValidInteger(String context, String input, int minValue, int maxValue, boolean allowNull, ValidationErrorList errorList) Returns a validated integer, any validation exceptions are added to the supplied errorList.
String	getValidListItem(String context, String input, List<String> list) Returns the list item that exactly matches the canonicalized input.
String	getValidListItem(String context, String input, List<String> list, ValidationErrorList errorList) Returns the list item that exactly matches the canonicalized input, any validation exceptions are added to the supplied errorList.
Double	getValidNumber(String context, String input, long minValue, long maxValue, boolean allowNull) Returns a validated number as a double within the range of minValue to maxValue.
Double	getValidNumber(String context, String input, long minValue, long maxValue, boolean allowNull, ValidationErrorList errorList) Returns a validated number as a double within the range of [minValue, maxValue]; any validation exceptions are added to the supplied errorList.
char[]	getValidPrintable(String context, char[] input, int maxLength, boolean allowNull) Returns canonicalized and validated printable characters as a byte array.
char[]	getValidPrintable(String context, char[] input, int maxLength, boolean allowNull, ValidationErrorList errorList) Returns canonicalized and validated printable characters as a byte array, any validation exceptions are added to the supplied errorList.
String	getValidPrintable(String context, String input, int maxLength, boolean allowNull) Returns canonicalized and validated printable characters as a String.
String	getValidPrintable(String context, String input, int maxLength, boolean allowNull, ValidationErrorList errorList) Returns canonicalized and validated printable characters as a String, any validation exceptions are added to the supplied errorList.
String	getValidRedirectLocation(String context, String input, boolean allowNull) Returns a canonicalized and validated redirect location as a String.
String	getValidRedirectLocation(String context, String input, boolean allowNull, ValidationErrorList errorList) Returns a canonicalized and validated redirect location as a String, any validation exceptions are added to the supplied errorList.
String	getValidSafeHTML(String context, String input, int maxLength, boolean allowNull) Canonicalize and then sanitize the input so that it is "safe" for renderinger in an HTML context (i.e., that it does not contain unwanted scripts in the body, attributes, CSS, URLs, or anywhere else).
String	getValidSafeHTML(String context, String input, int maxLength, boolean allowNull, ValidationErrorList errorList) Canonicalize and then sanitize the input so that it is "safe" for renderinger in an HTML context (i.e., that it does not contain unwanted scripts in the body, attributes, CSS, URLs, or anywhere else).
boolean	isValidCreditCard(String context, String input, boolean allowNull) Returns true if input matches the pattern for a valid credit card number.
boolean	isValidCreditCard(String context, String input, boolean allowNull, ValidationErrorList errorList) Returns true if input matches the pattern for a valid credit card number, any validation exceptions are added to the supplied errorList.
boolean	isValidDate(String context, String input, DateFormat format, boolean allowNull) Returns true if input is valid.
boolean	isValidDate(String context, String input, DateFormat format, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidDirectoryPath(String context, String input, File parent, boolean allowNull) Returns true if input is valid.
boolean	isValidDirectoryPath(String context, String input, File parent, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidDouble(String context, String input, double minValue, double maxValue, boolean allowNull) Returns true if input is valid.
boolean	isValidDouble(String context, String input, double minValue, double maxValue, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidFileContent(String context, byte[] input, int maxBytes, boolean allowNull) Returns true if input is valid.
boolean	isValidFileContent(String context, byte[] input, int maxBytes, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidFileName(String context, String input, boolean allowNull) Returns true if input is valid.
boolean	isValidFileName(String context, String input, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidFileName(String context, String input, List<String> allowedExtensions, boolean allowNull) Returns true if input is valid.
boolean	isValidFileName(String context, String input, List<String> allowedExtensions, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidFileUpload(String context, String filepath, String filename, File parent, byte[] content, int maxBytes, boolean allowNull) Returns true if filepath, filename, and content of a file are valid.
boolean	isValidFileUpload(String context, String filepath, String filename, File parent, byte[] content, int maxBytes, boolean allowNull, ValidationErrorList errorList) Returns true if filepath, filename, and content of a file are valid, any validation exceptions are added to the supplied errorList.
boolean	isValidHTTPRequestParameterSet(String context, javax.servlet.http.HttpServletRequest request, Set<String> required, Set<String> optional) Returns true if only required and optional parameters are in the request.
boolean	isValidHTTPRequestParameterSet(String context, javax.servlet.http.HttpServletRequest request, Set<String> required, Set<String> optional, ValidationErrorList errorList) Returns true if only required and optional parameters are in the request, any validation exceptions are added to the supplied errorList.
boolean	isValidInput(String context, String input, String type, int maxLength, boolean allowNull) Returns true if canonicalized input is valid.
boolean	isValidInput(String context, String input, String type, int maxLength, boolean allowNull, boolean canonicalize) Returns true if input is valid.
boolean	isValidInput(String context, String input, String type, int maxLength, boolean allowNull, boolean canonicalize, ValidationErrorList errorList) Returns true if input is valid; any validation exceptions are added to the supplied errorList.
boolean	isValidInput(String context, String input, String type, int maxLength, boolean allowNull, ValidationErrorList errorList) Returns true if canonicalized input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidInteger(String context, String input, int minValue, int maxValue, boolean allowNull) Returns true if input is a valid integer between minValue and maxValue inclusive.
boolean	isValidInteger(String context, String input, int minValue, int maxValue, boolean allowNull, ValidationErrorList errorList) Returns true if input is a valid integer between minValue and maxValue inclusive, any validation exceptions are added to the supplied errorList.
boolean	isValidListItem(String context, String input, List<String> list) Returns true if input is valid.
boolean	isValidListItem(String context, String input, List<String> list, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidNumber(String context, String input, long minValue, long maxValue, boolean allowNull) Returns true if input is valid.
boolean	isValidNumber(String context, String input, long minValue, long maxValue, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidPrintable(String context, char[] input, int maxLength, boolean allowNull) Returns true if input is valid.
boolean	isValidPrintable(String context, char[] input, int maxLength, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidPrintable(String context, String input, int maxLength, boolean allowNull) Returns true if input is valid.
boolean	isValidPrintable(String context, String input, int maxLength, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidRedirectLocation(String context, String input, boolean allowNull) Returns true if input is valid.
boolean	isValidRedirectLocation(String context, String input, boolean allowNull, ValidationErrorList errorList) Returns true if input is valid, any validation exceptions are added to the supplied errorList.
boolean	isValidSafeHTML(String context, String input, int maxLength, boolean allowNull) Deprecated. Deprecated as of ESAPI 2.5.3.0. This method will be removed in 1 year after the ESAPI 2.5.3.0 release date (2023-11-24).
boolean	isValidSafeHTML(String context, String input, int maxLength, boolean allowNull, ValidationErrorList errorList) Deprecated. Deprecated as of ESAPI 2.5.3.0. This method will be removed in 1 year after the ESAPI 2.5.3.0 release date (2023-11-24).
boolean	isValidURI(String context, String input, boolean allowNull) Parses and ensures that the URI in question is a valid RFC-3986 URI.
String	safeReadLine(InputStream inputStream, int maxLength) Reads from an input stream until end-of-line or a maximum number of characters.

Method Detail

addRule

void addRule(ValidationRule rule)

Add a validation rule to the registry using the "type name" of the rule as the key.

Parameters:

rule - The ValidationRule to add.

getRule

ValidationRule getRule(String name)

Get a validation rule from the registry with the "type name" of the rule as the key.

Parameters:

name - The "type" name of a ValidationRule to retrieve.

isValidInput

boolean isValidInput(String context,
                     String input,
                     String type,
                     int maxLength,
                     boolean allowNull)
              throws IntrusionException

Returns true if canonicalized input is valid.

Calls getValidInput(String, String, String, int, boolean, boolean) with canonicalize=true and returns true if no exceptions are thrown.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "LoginPage_UsernameField"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

type - The regular expression name which maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum String length allowed for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Throws:

IntrusionException - Input likely indicates an attack.

isValidInput

boolean isValidInput(String context,
                     String input,
                     String type,
                     int maxLength,
                     boolean allowNull,
                     ValidationErrorList errorList)
              throws IntrusionException

Returns true if canonicalized input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidInput(String, String, String, int, boolean, boolean) with canonicalize=true and returns true if no exceptions are thrown.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "LoginPage_UsernameField"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

type - The regular expression name which maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum String length allowed for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

errorList - The error list to which any ValidationException messages are added.

Throws:

IntrusionException - Input likely indicates an attack.

isValidInput

boolean isValidInput(String context,
                     String input,
                     String type,
                     int maxLength,
                     boolean allowNull,
                     boolean canonicalize)
              throws IntrusionException

Returns true if input is valid.

Calls getValidInput(String, String, String, int, boolean, boolean) and returns true if no exceptions are thrown.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "LoginPage_UsernameField"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

type - The regular expression name which maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum String length allowed for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

canonicalize - If true, the input if first canonicalized before being validated.

Throws:

IntrusionException - Input likely indicates an attack.

isValidInput

boolean isValidInput(String context,
                     String input,
                     String type,
                     int maxLength,
                     boolean allowNull,
                     boolean canonicalize,
                     ValidationErrorList errorList)
              throws IntrusionException

Returns true if input is valid; any validation exceptions are added to the supplied errorList.

Calls getValidInput(String, String, String, int, boolean, boolean) and returns true if no exceptions are thrown.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "LoginPage_UsernameField"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

type - The regular expression name which maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum String length allowed for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

canonicalize - If true, the input if first canonicalized before being validated.

errorList - The error list to which any ValidationException messages are added.

Throws:

IntrusionException - Input likely indicates an attack.

getValidInput

String getValidInput(String context,
                     String input,
                     String type,
                     int maxLength,
                     boolean allowNull)
              throws ValidationException,
                     IntrusionException

Returns the validated, canonicalized input as a String.

Calls getValidInput(String, String, String, int, boolean, boolean) with canonicalize=true.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "LoginPage_UsernameField"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

type - The regular expression name which maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum String length allowed for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Throws:

ValidationException - Input is invalid, based on the regex associated with type.

IntrusionException - Input likely indicates an attack.

getValidInput

String getValidInput(String context,
                     String input,
                     String type,
                     int maxLength,
                     boolean allowNull,
                     boolean canonicalize)
              throws ValidationException,
                     IntrusionException

Returns validated input as a String with optional canonicalization.

Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

type - The regular expression name which maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum post-canonicalized String length allowed.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

canonicalize - If canonicalize is true then input will be canonicalized before validation.

Returns:

The canonicalized user input.

Throws:

ValidationException - Input is invalid, based on the regex associated with type.

IntrusionException - Input likely indicates an attack.

getValidInput

String getValidInput(String context,
                     String input,
                     String type,
                     int maxLength,
                     boolean allowNull,
                     ValidationErrorList errorList)
              throws IntrusionException

Returns canonicalized validated input as a String, and adds validation exceptions to the supplied errorList.

Calls getValidInput(String, String, String, int, boolean, boolean).

Throws:

IntrusionException - Input likely indicates an attack.

getValidInput

String getValidInput(String context,
                     String input,
                     String type,
                     int maxLength,
                     boolean allowNull,
                     boolean canonicalize,
                     ValidationErrorList errorList)
              throws IntrusionException

Returns validated input as a String with optional canonicalization, and adds validation exceptions to the supplied errorList.

Returns the result of calling getValidInput(String, String, String, int, boolean, boolean) with canonicalize=true.

Throws:

IntrusionException - Input likely indicates an attack.

isValidDate

boolean isValidDate(String context,
                    String input,
                    DateFormat format,
                    boolean allowNull)
             throws IntrusionException

Returns true if input is valid.

Calls getValidDate(String, String, DateFormat, boolean), and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidDate

boolean isValidDate(String context,
                    String input,
                    DateFormat format,
                    boolean allowNull,
                    ValidationErrorList errorList)
             throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidDate(String, String, DateFormat, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

getValidDate

Date getValidDate(String context,
                  String input,
                  DateFormat format,
                  boolean allowNull)
           throws ValidationException,
                  IntrusionException

Returns a valid date as a Date.

Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

format - Required formatting of date inputted.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A valid date as a Date

Throws:

ValidationException - Input is invalid, based on the regex associated with type.

IntrusionException - Input likely indicates an attack.

getValidDate

Date getValidDate(String context,
                  String input,
                  DateFormat format,
                  boolean allowNull,
                  ValidationErrorList errorList)
           throws IntrusionException

Returns a valid date as a Date, any validation exceptions are added to the supplied errorList.

Calls getValidDate(String, String, DateFormat, boolean).

Throws:

IntrusionException - Input likely indicates an attack.

isValidSafeHTML

@Deprecated
boolean isValidSafeHTML(String context,
                                    String input,
                                    int maxLength,
                                    boolean allowNull)
                             throws IntrusionException

Deprecated. Deprecated as of ESAPI 2.5.3.0. This method will be removed in 1 year after the ESAPI 2.5.3.0 release date (2023-11-24).

Returns true if the parameter input is valid and presumably safe.

WARNING: Note that the only safe way to use this method is if you instead of using the passed-in parameter 'input' (which should not be completely trusted as-is, regardless of whether this method returns true), you first sanitize (i.e., cleanse) the parameter 'input' by first by calling one of the getValidSafeHTML methods on it. For additional details explaining the rationale for this, please see the referenced ESAPI Security Bulletin 12 in the referenced GitHub Security Advisory mentioned in the "See Also" section below.

Parameters:

context - A descriptive tag name for the input that you are validating (e.g., user_comment). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate. Note that the expectation is that this input is allowed to contain "safe" HTML markup, otherwise you should not be using this Validator method at all.

maxLength - The maximum String length allowed for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

True if the input is presumably safe, otherwise false.

Throws:

IntrusionException - The parameter input likely indicates an attack.

See Also:

GitHub Security Advisory: Validator.isValidSafeHTML is being deprecated and will be deleted in 1 year

isValidSafeHTML

@Deprecated
boolean isValidSafeHTML(String context,
                                    String input,
                                    int maxLength,
                                    boolean allowNull,
                                    ValidationErrorList errorList)
                             throws IntrusionException

Deprecated. Deprecated as of ESAPI 2.5.3.0. This method will be removed in 1 year after the ESAPI 2.5.3.0 release date (2023-11-24).

Returns true if the parameter input is valid and presumably safe. Any exceptions are added to the supplied errorList parameter.

Calls getValidSafeHTML(String, String, int, boolean), and returns true if no exceptions are thrown.

WARNING: Note that the only safe way to use this method is if you instead of using the passed-in parameter 'input' (which should not be completely trusted as-is, regardless of whether this method returns true), you first sanitize (i.e., cleanse) the parameter 'input' by first by calling one of the getValidSafeHTML methods on it. For additional details explaining the rationale for this, please see the referenced ESAPI Security Bulletin 12 in the referenced GitHub Security Advisory mentioned in the "See Also" section below.

Parameters:

context - A descriptive tag name for the input that you are validating (e.g., user_comment). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate. Note that the expectation is that this input is allowed to contain "safe" HTML markup, otherwise you should not be using this Validator method at all.

maxLength - The maximum String length allowed for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

errorList - The error list to which any ValidationException messages are added.

Returns:

True if the input is presumably safe, otherwise false.

Throws:

IntrusionException - The parameter input likely indicates an attack.

See Also:

GitHub Security Advisory: Validator.isValidSafeHTML is being deprecated and will be deleted in 1 year

getValidSafeHTML

String getValidSafeHTML(String context,
                        String input,
                        int maxLength,
                        boolean allowNull)
                 throws ValidationException,
                        IntrusionException

Canonicalize and then sanitize the input so that it is "safe" for renderinger in an HTML context (i.e., that it does not contain unwanted scripts in the body, attributes, CSS, URLs, or anywhere else). Note that the resulting returned value may omit input that is considered dangerous and cannot be safely sanitized and other input that gets HTML encoded (e.g., a single quote (') might get chaged to """).

The default behavior of this check depends on the antisamy-esapi.xml AntiSamy policy configuration file (or an alternate filename, specified via the "Validator.HtmlValidationConfigurationFile" property in your ESAPI.properties file. Implementors wishing to alter the AntiSamy policy configuration file should reference the OWASP AntiSamy project for ideas on how to do HTML validation in a allow-list way, as this is an extremely difficult problem.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "LoginPage_UsernameField"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

maxLength - The maximum String length allowed for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A string representing the canonicalized and sanitized input that is safe for rendering in an HTML context.

Throws:

ValidationException - Input is invalid, based on the regex associated with type.

IntrusionException - Input likely indicates an attack.

getValidSafeHTML

String getValidSafeHTML(String context,
                        String input,
                        int maxLength,
                        boolean allowNull,
                        ValidationErrorList errorList)
                 throws IntrusionException

Canonicalize and then sanitize the input so that it is "safe" for renderinger in an HTML context (i.e., that it does not contain unwanted scripts in the body, attributes, CSS, URLs, or anywhere else). Note that the resulting returned value may omit input that is considered dangerous and cannot be safely sanitized and other input that gets HTML encoded (e.g., a single quote (') might get chaged to """).

The default behavior of this check depends on the antisamy-esapi.xml AntiSamy policy configuration file (or an alternate filename, specified via the "Validator.HtmlValidationConfigurationFile" property in your ESAPI.properties file. Implementors wishing to alter the AntiSamy policy configuration file should reference the OWASP AntiSamy project for ideas on how to do HTML validation in a allow-list way, as this is an extremely difficult problem.

Calls getValidSafeHTML(String, String, int, boolean).

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "LoginPage_UsernameField"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

maxLength - The maximum String length allowed for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

errorList - The error list to which any ValidationException messages are added.

Returns:

A string representing the canonicalized and sanitized input that is safe for rendering in an HTML context.

Throws:

IntrusionException - Input likely indicates an attack.

isValidCreditCard

boolean isValidCreditCard(String context,
                          String input,
                          boolean allowNull)
                   throws IntrusionException

Returns true if input matches the pattern for a valid credit card number.

Calls getValidCreditCard(String, String, boolean), and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidCreditCard

boolean isValidCreditCard(String context,
                          String input,
                          boolean allowNull,
                          ValidationErrorList errorList)
                   throws IntrusionException

Returns true if input matches the pattern for a valid credit card number, any validation exceptions are added to the supplied errorList.

Calls getValidCreditCard(String, String, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

getValidCreditCard

String getValidCreditCard(String context,
                          String input,
                          boolean allowNull)
                   throws ValidationException,
                          IntrusionException

Returns a canonicalized and validated credit card number as a String.

Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., PaymentPage_CreditCard). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A valid credit card number

Throws:

ValidationException - Input is invalid because it doesn't appear to be a valid credit card account number.

IntrusionException - Input likely indicates an attack.

getValidCreditCard

String getValidCreditCard(String context,
                          String input,
                          boolean allowNull,
                          ValidationErrorList errorList)
                   throws IntrusionException

Returns a canonicalized and validated credit card number as a String, any validation exceptions are added to the supplied errorList.

Calls getValidCreditCard(String, String, boolean).

Throws:

IntrusionException - Input likely indicates an attack.

isValidDirectoryPath

boolean isValidDirectoryPath(String context,
                             String input,
                             File parent,
                             boolean allowNull)
                      throws IntrusionException

Returns true if input is valid.

Calls getValidDirectoryPath(String, String, File, boolean), and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidDirectoryPath

boolean isValidDirectoryPath(String context,
                             String input,
                             File parent,
                             boolean allowNull,
                             ValidationErrorList errorList)
                      throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidDirectoryPath(String, String, File, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

getValidDirectoryPath

String getValidDirectoryPath(String context,
                             String input,
                             File parent,
                             boolean allowNull)
                      throws ValidationException,
                             IntrusionException

Returns a canonicalized and validated directory path as a String, provided that the input maps to an existing directory that is an existing subdirectory (at any level) of the specified parent.

Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A valid directory path

Throws:

ValidationException - Input is invalid (e.g., the provided input is not a directory).

IntrusionException - Input likely indicates an attack.

getValidDirectoryPath

String getValidDirectoryPath(String context,
                             String input,
                             File parent,
                             boolean allowNull,
                             ValidationErrorList errorList)
                      throws IntrusionException

Returns a canonicalized and validated directory path as a String, provided that the input maps to an existing directory that is an existing subdirectory (at any level) of the specified parent; any validation exceptions are added to the supplied errorList.

Calls getValidDirectoryPath(String, String, File, boolean).

Throws:

IntrusionException - Input likely indicates an attack.

isValidFileName

boolean isValidFileName(String context,
                        String input,
                        boolean allowNull)
                 throws IntrusionException

Returns true if input is valid.

Calls getValidFileName(String, String, List, boolean) with allowedExtensions set to the configured ESAPI.securityConfiguration().getAllowedFileExtensions() and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

See Also:

ESAPI.securityConfiguration(), SecurityConfiguration.getAllowedFileExtensions()

isValidFileName

boolean isValidFileName(String context,
                        String input,
                        boolean allowNull,
                        ValidationErrorList errorList)
                 throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidFileName(String, String, List, boolean) with allowedExtensions set to the configured ESAPI.securityConfiguration().getAllowedFileExtensions() and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

See Also:

ESAPI.securityConfiguration(), SecurityConfiguration.getAllowedFileExtensions()

isValidFileName

boolean isValidFileName(String context,
                        String input,
                        List<String> allowedExtensions,
                        boolean allowNull)
                 throws IntrusionException

Returns true if input is valid.

Calls getValidFileName(String, String, List, boolean), and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

See Also:

ESAPI.securityConfiguration(), SecurityConfiguration.getAllowedFileExtensions()

isValidFileName

boolean isValidFileName(String context,
                        String input,
                        List<String> allowedExtensions,
                        boolean allowNull,
                        ValidationErrorList errorList)
                 throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidFileName(String, String, List, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

See Also:

ESAPI.securityConfiguration(), SecurityConfiguration.getAllowedFileExtensions()

getValidFileName

String getValidFileName(String context,
                        String input,
                        List<String> allowedExtensions,
                        boolean allowNull)
                 throws ValidationException,
                        IntrusionException

Returns a canonicalized and validated file name as a String. Implementors should check for allowed file extensions here, as well as allowed file name characters, as declared in "ESAPI.properties". Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

allowedExtensions - List of file extensions which will be accepted.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A valid file name

Throws:

ValidationException - Input is invalid (e.g., input refers to a non-existant file, does not have a valid file extension as per allowedExtensions, does not match the canonicalized path, exceeds a maximum length of 255 characters, etc.

IntrusionException - Input likely indicates an attack.

getValidFileName

String getValidFileName(String context,
                        String input,
                        List<String> allowedExtensions,
                        boolean allowNull,
                        ValidationErrorList errorList)
                 throws IntrusionException

Returns a canonicalized and validated file name as a String, any validation exceptions are added to the supplied errorList.

Calls getValidFileName(String, String, List, boolean), the supplied errorList is used to capture ValidationExceptions.

Throws:

IntrusionException - Input likely indicates an attack.

isValidNumber

boolean isValidNumber(String context,
                      String input,
                      long minValue,
                      long maxValue,
                      boolean allowNull)
               throws IntrusionException

Returns true if input is valid.

Calls getValidNumber(String, String, long, long, boolean), and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidNumber

boolean isValidNumber(String context,
                      String input,
                      long minValue,
                      long maxValue,
                      boolean allowNull,
                      ValidationErrorList errorList)
               throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidNumber(String, String, long, long, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

getValidNumber

Double getValidNumber(String context,
                      String input,
                      long minValue,
                      long maxValue,
                      boolean allowNull)
               throws ValidationException,
                      IntrusionException

Returns a validated number as a double within the range of minValue to maxValue. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

minValue - Lowest legal value for input.

maxValue - Highest legal value for input.

Returns:

A validated number as a double.

Throws:

ValidationException - Input is invalid; that is, not a number in the range of [minValue, maxValue].

IntrusionException - Input likely indicates an attack.

getValidNumber

Double getValidNumber(String context,
                      String input,
                      long minValue,
                      long maxValue,
                      boolean allowNull,
                      ValidationErrorList errorList)
               throws IntrusionException

Returns a validated number as a double within the range of [minValue, maxValue]; any validation exceptions are added to the supplied errorList.

Calls getValidNumber(String, String, long, long, boolean).

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "OrderPage_Quantity"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

minValue - Lowest legal value for input.

maxValue - Highest legal value for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

errorList - The error list to which any ValidationException messages are added.

Throws:

IntrusionException - Input likely indicates an attack.

isValidInteger

boolean isValidInteger(String context,
                       String input,
                       int minValue,
                       int maxValue,
                       boolean allowNull)
                throws IntrusionException

Returns true if input is a valid integer between minValue and maxValue inclusive.

Calls getValidInteger(String, String, int, int, boolean), and returns true if no exceptions are thrown.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "OrderPage_Quantity"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

minValue - Lowest legal value for input.

maxValue - Highest legal value for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Throws:

IntrusionException - Input likely indicates an attack.

isValidInteger

boolean isValidInteger(String context,
                       String input,
                       int minValue,
                       int maxValue,
                       boolean allowNull,
                       ValidationErrorList errorList)
                throws IntrusionException

Returns true if input is a valid integer between minValue and maxValue inclusive, any validation exceptions are added to the supplied errorList.

Calls getValidInteger(String, String, int, int, boolean) and returns true if no exceptions are thrown.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., "OrderPage_Quantity"). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

minValue - Lowest legal value for input.

maxValue - Highest legal value for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

errorList - The error list to which any ValidationException messages are added.

Throws:

IntrusionException - Input likely indicates an attack.

getValidInteger

Integer getValidInteger(String context,
                        String input,
                        int minValue,
                        int maxValue,
                        boolean allowNull)
                 throws ValidationException,
                        IntrusionException

Returns a validated integer, input is a valid integer if it is between minValue and maxValue inclusive. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., OrderPage_Quantity). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

minValue - Lowest legal value for input.

maxValue - Highest legal value for input.

Returns:

A validated number as an integer.

Throws:

ValidationException - Input is not a valid integer in the range of [minValue, maxValue].

IntrusionException - Input likely indicates an attack.

getValidInteger

Integer getValidInteger(String context,
                        String input,
                        int minValue,
                        int maxValue,
                        boolean allowNull,
                        ValidationErrorList errorList)
                 throws IntrusionException

Returns a validated integer, any validation exceptions are added to the supplied errorList.

Calls getValidInteger(String, String, int, int, boolean).

Throws:

IntrusionException - Input likely indicates an attack.

isValidDouble

boolean isValidDouble(String context,
                      String input,
                      double minValue,
                      double maxValue,
                      boolean allowNull)
               throws IntrusionException

Returns true if input is valid.

Calls getValidDouble(String, String, double, double, boolean), and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidDouble

boolean isValidDouble(String context,
                      String input,
                      double minValue,
                      double maxValue,
                      boolean allowNull,
                      ValidationErrorList errorList)
               throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidDouble(String, String, double, double, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

getValidDouble

Double getValidDouble(String context,
                      String input,
                      double minValue,
                      double maxValue,
                      boolean allowNull)
               throws ValidationException,
                      IntrusionException

Returns a validated real number as a double. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

minValue - Lowest legal value for input.

maxValue - Highest legal value for input.

Returns:

A validated real number as a double.

Throws:

ValidationException - Input is invalid.

IntrusionException - Input likely indicates an attack.

getValidDouble

Double getValidDouble(String context,
                      String input,
                      double minValue,
                      double maxValue,
                      boolean allowNull,
                      ValidationErrorList errorList)
               throws IntrusionException

Returns a validated real number as a double, any validation exceptions are added to the supplied errorList.

Calls getValidDouble(String, String, double, double, boolean), the supplied errorList is used to capture ValidationExceptions.

Throws:

IntrusionException - Input likely indicates an attack.

isValidFileContent

boolean isValidFileContent(String context,
                           byte[] input,
                           int maxBytes,
                           boolean allowNull)
                    throws IntrusionException

Returns true if input is valid.

Calls getValidFileContent(String, byte[], int, boolean), and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidFileContent

boolean isValidFileContent(String context,
                           byte[] input,
                           int maxBytes,
                           boolean allowNull,
                           ValidationErrorList errorList)
                    throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidFileContent(String, byte[], int, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

getValidFileContent

byte[] getValidFileContent(String context,
                           byte[] input,
                           int maxBytes,
                           boolean allowNull)
                    throws ValidationException,
                           IntrusionException

Returns validated file content as a byte array. This is a good place to check for max file size, allowed character sets, and do virus scans. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

maxBytes - The maximum number of bytes allowed in a legal file.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A byte array containing valid file content.

Throws:

ValidationException - Input is invalid.

IntrusionException - Input likely indicates an attack.

getValidFileContent

byte[] getValidFileContent(String context,
                           byte[] input,
                           int maxBytes,
                           boolean allowNull,
                           ValidationErrorList errorList)
                    throws IntrusionException

Returns validated file content as a byte array, any validation exceptions are added to the supplied errorList.

Calls getValidFileContent(String, byte[], int, boolean), the supplied errorList is used to capture ValidationExceptions.

Throws:

IntrusionException - Input likely indicates an attack.

isValidFileUpload

boolean isValidFileUpload(String context,
                          String filepath,
                          String filename,
                          File parent,
                          byte[] content,
                          int maxBytes,
                          boolean allowNull)
                   throws IntrusionException

Returns true if filepath, filename, and content of a file are valid.

Calls isValidFileName(String, String, boolean), isValidDirectoryPath(String, String, File, boolean), and isValidFileContent(String, byte[], int, boolean), and returns true if all three checks pass.

Throws:

IntrusionException - Input likely indicates an attack.

isValidFileUpload

boolean isValidFileUpload(String context,
                          String filepath,
                          String filename,
                          File parent,
                          byte[] content,
                          int maxBytes,
                          boolean allowNull,
                          ValidationErrorList errorList)
                   throws IntrusionException

Returns true if filepath, filename, and content of a file are valid, any validation exceptions are added to the supplied errorList.

Calls isValidFileName(String, String, boolean, ValidationErrorList) isValidDirectoryPath(String, String, File, boolean, ValidationErrorList) and isValidFileContent(String, byte[], int, boolean, ValidationErrorList), and returns true if all three checks pass.

Throws:

IntrusionException - Input likely indicates an attack.

assertValidFileUpload

void assertValidFileUpload(String context,
                           String filepath,
                           String filename,
                           File parent,
                           byte[] content,
                           int maxBytes,
                           List<String> allowedExtensions,
                           boolean allowNull)
                    throws ValidationException,
                           IntrusionException

Validates the filepath, filename, and content of a file. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

filepath - The file path of the uploaded file.

filename - The filename of the uploaded file

content - A byte array containing the content of the uploaded file.

maxBytes - The max number of bytes allowed for a legal file upload.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Throws:

ValidationException - Input is invalid.

IntrusionException - Input likely indicates an attack.

assertValidFileUpload

void assertValidFileUpload(String context,
                           String filepath,
                           String filename,
                           File parent,
                           byte[] content,
                           int maxBytes,
                           List<String> allowedExtensions,
                           boolean allowNull,
                           ValidationErrorList errorList)
                    throws IntrusionException

Validates the filepath, filename, and content of a file, any validation exceptions are added to the supplied errorList.

Calls assertValidFileUpload(String, String, String, File, byte[], int, List, boolean), the supplied errorList is used to capture ValidationExceptions.

Throws:

IntrusionException - Input likely indicates an attack.

isValidListItem

boolean isValidListItem(String context,
                        String input,
                        List<String> list)
                 throws IntrusionException

Returns true if input is valid.

Calls getValidListItem(String, String, List) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidListItem

boolean isValidListItem(String context,
                        String input,
                        List<String> list,
                        ValidationErrorList errorList)
                 throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidListItem(String, String, List) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

getValidListItem

String getValidListItem(String context,
                        String input,
                        List<String> list)
                 throws ValidationException,
                        IntrusionException

Returns the list item that exactly matches the canonicalized input. Invalid or non-matching input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The value to search 'list' for.

list - The list to search for 'input'.

Returns:

The list item that exactly matches the canonicalized input.

Throws:

ValidationException - Input is invalid.

IntrusionException - Input likely indicates an attack.

getValidListItem

String getValidListItem(String context,
                        String input,
                        List<String> list,
                        ValidationErrorList errorList)
                 throws IntrusionException

Returns the list item that exactly matches the canonicalized input, any validation exceptions are added to the supplied errorList.

Calls getValidListItem(String, String, List)

Throws:

IntrusionException - Input likely indicates an attack.

isValidHTTPRequestParameterSet

boolean isValidHTTPRequestParameterSet(String context,
                                       javax.servlet.http.HttpServletRequest request,
                                       Set<String> required,
                                       Set<String> optional)
                                throws IntrusionException

Returns true if only required and optional parameters are in the request.

Calls assertValidHTTPRequestParameterSet(String, HttpServletRequest, Set, Set) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidHTTPRequestParameterSet

boolean isValidHTTPRequestParameterSet(String context,
                                       javax.servlet.http.HttpServletRequest request,
                                       Set<String> required,
                                       Set<String> optional,
                                       ValidationErrorList errorList)
                                throws IntrusionException

Returns true if only required and optional parameters are in the request, any validation exceptions are added to the supplied errorList.

Calls assertValidHTTPRequestParameterSet(String, HttpServletRequest, Set, Set) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

assertValidHTTPRequestParameterSet

void assertValidHTTPRequestParameterSet(String context,
                                        javax.servlet.http.HttpServletRequest request,
                                        Set<String> required,
                                        Set<String> optional)
                                 throws ValidationException,
                                        IntrusionException

Validates that the parameters in the current request contain all required parameters and only optional ones in addition. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

required - parameters that are required to be in HTTP request

optional - additional parameters that may be in HTTP request

Throws:

ValidationException - Input is invalid.

IntrusionException - Input likely indicates an attack.

assertValidHTTPRequestParameterSet

void assertValidHTTPRequestParameterSet(String context,
                                        javax.servlet.http.HttpServletRequest request,
                                        Set<String> required,
                                        Set<String> optional,
                                        ValidationErrorList errorList)
                                 throws IntrusionException

Validates that the parameters in the current request contain all required parameters and only optional ones in addition, any validation exceptions are added to the supplied errorList.

Calls assertValidHTTPRequestParameterSet(String, HttpServletRequest, Set, Set).

Throws:

IntrusionException - Input likely indicates an attack.

isValidPrintable

boolean isValidPrintable(String context,
                         char[] input,
                         int maxLength,
                         boolean allowNull)
                  throws IntrusionException

Returns true if input is valid.

Calls getValidPrintable(String, char[], int, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidPrintable

boolean isValidPrintable(String context,
                         char[] input,
                         int maxLength,
                         boolean allowNull,
                         ValidationErrorList errorList)
                  throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidPrintable(String, char[], int, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

getValidPrintable

char[] getValidPrintable(String context,
                         char[] input,
                         int maxLength,
                         boolean allowNull)
                  throws ValidationException

Returns canonicalized and validated printable characters as a byte array. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - data to be returned as valid and printable

maxLength - Maximum number of bytes stored in 'input'

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

a byte array containing only printable characters, made up of data from 'input'

Throws:

ValidationException - Input is invalid.

getValidPrintable

char[] getValidPrintable(String context,
                         char[] input,
                         int maxLength,
                         boolean allowNull,
                         ValidationErrorList errorList)
                  throws IntrusionException

Returns canonicalized and validated printable characters as a byte array, any validation exceptions are added to the supplied errorList.

Calls getValidPrintable(String, char[], int, boolean).

Throws:

IntrusionException - Input likely indicates an attack.

isValidPrintable

boolean isValidPrintable(String context,
                         String input,
                         int maxLength,
                         boolean allowNull)
                  throws IntrusionException

Returns true if input is valid.

Calls getValidPrintable(String, String, int, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

isValidPrintable

boolean isValidPrintable(String context,
                         String input,
                         int maxLength,
                         boolean allowNull,
                         ValidationErrorList errorList)
                  throws IntrusionException

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidPrintable(String, String, int, boolean) and returns true if no exceptions are thrown.

Throws:

IntrusionException - Input likely indicates an attack.

getValidPrintable

String getValidPrintable(String context,
                         String input,
                         int maxLength,
                         boolean allowNull)
                  throws ValidationException

Returns canonicalized and validated printable characters as a String. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - data to be returned as valid and printable

maxLength - Maximum number of bytes stored in 'input' after canonicalization

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

a String containing only printable characters, made up of data from 'input'

Throws:

ValidationException - Input is invalid.

getValidPrintable

String getValidPrintable(String context,
                         String input,
                         int maxLength,
                         boolean allowNull,
                         ValidationErrorList errorList)
                  throws IntrusionException

Returns canonicalized and validated printable characters as a String, any validation exceptions are added to the supplied errorList.

Calls getValidPrintable(String, String, int, boolean).

Throws:

IntrusionException - Input likely indicates an attack.

isValidRedirectLocation

boolean isValidRedirectLocation(String context,
                                String input,
                                boolean allowNull)

Returns true if input is valid.

Calls getValidRedirectLocation(String, String, boolean) and returns true if no exceptions are thrown.

isValidRedirectLocation

boolean isValidRedirectLocation(String context,
                                String input,
                                boolean allowNull,
                                ValidationErrorList errorList)

Returns true if input is valid, any validation exceptions are added to the supplied errorList.

Calls getValidRedirectLocation(String, String, boolean) and returns true if no exceptions are thrown.

getValidRedirectLocation

String getValidRedirectLocation(String context,
                                String input,
                                boolean allowNull)
                         throws ValidationException,
                                IntrusionException

Returns a canonicalized and validated redirect location as a String. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - redirect location to be returned as valid, according to encoding rules set in "ESAPI.properties"

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A canonicalized and validated redirect location, as defined in "ESAPI.properties"

Throws:

ValidationException - Input is invalid.

IntrusionException - Input likely indicates an attack.

getValidRedirectLocation

String getValidRedirectLocation(String context,
                                String input,
                                boolean allowNull,
                                ValidationErrorList errorList)
                         throws IntrusionException

Returns a canonicalized and validated redirect location as a String, any validation exceptions are added to the supplied errorList.

Calls getValidRedirectLocation(String, String, boolean).

Throws:

IntrusionException - Input likely indicates an attack.

safeReadLine

String safeReadLine(InputStream inputStream,
                    int maxLength)
             throws ValidationException

Reads from an input stream until end-of-line or a maximum number of characters. This method protects against the inherent denial of service attack in reading until the end of a line. If an attacker doesn't ever send a newline character, then a normal input stream reader will read until all memory is exhausted and the platform throws an OutOfMemoryError and probably terminates.

Parameters:

inputStream - The InputStream from which to read data

maxLength - Maximum characters allowed to be read in per line

Returns:

a String containing the current line of inputStream

Throws:

ValidationException - Input is invalid.

isValidURI

boolean isValidURI(String context,
                   String input,
                   boolean allowNull)

Parses and ensures that the URI in question is a valid RFC-3986 URI. This simplifies the kind of regex required for subsequent validation to mitigate regex-based DoS attacks.

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - redirect location to be returned as valid, according to encoding rules set in "ESAPI.properties"

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

True if the URI is valid

See Also:

RFC-3986.

getRfcCompliantURI

URI getRfcCompliantURI(String input)

Will return a URI object that will represent a fully parsed and legal URI as specified in RFC-3986.

Parameters:

input - String

Returns:

URI object representing a parsed URI, or null if the URI was non-compliant in some way.