org.owasp.esapi.reference

Class DefaultValidator

java.lang.Object

org.owasp.esapi.reference.DefaultValidator

All Implemented Interfaces:

Validator

public class DefaultValidator
extends Object
implements Validator

Reference implementation of the Validator interface. This implementation relies on the ESAPI Encoder, Java Pattern (regex), Date, and several other classes to provide basic validation functions. This library has a heavy emphasis on whitelist validation and canonicalization.

Since:

June 1, 2007

Author:

Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security, Jim Manico (jim@manico.net) Manico.net

See Also:

Validator

Constructor Summary

Constructors

Constructor and Description
DefaultValidator() Default constructor uses the ESAPI standard encoder for canonicalization.
DefaultValidator(Encoder encoder) Construct a new DefaultValidator that will use the specified Encoder for canonicalization.

Method Summary

Methods

Modifier and Type	Method and Description
void	addRule(ValidationRule rule) Add a validation rule to the registry using the "type name" of the rule as the key.
void	assertValidFileUpload(String context, String directorypath, String filename, File parent, byte[] content, int maxBytes, List<String> allowedExtensions, boolean allowNull) Validates the filepath, filename, and content of a file.
void	assertValidFileUpload(String context, String filepath, String filename, File parent, byte[] content, int maxBytes, List<String> allowedExtensions, boolean allowNull, ValidationErrorList errors) Calls getValidFileUpload with the supplied errorList to capture ValidationExceptions
void	assertValidHTTPRequestParameterSet(String context, javax.servlet.http.HttpServletRequest request, Set<String> required, Set<String> optional) Validates that the parameters in the current request contain all required parameters and only optional ones in addition.
void	assertValidHTTPRequestParameterSet(String context, javax.servlet.http.HttpServletRequest request, Set<String> required, Set<String> optional, ValidationErrorList errors) ValidationErrorList variant of assertIsValidHTTPRequestParameterSet Uses current HTTPRequest saved in ESAPI Authenticator
static Validator	getInstance()
ValidationRule	getRule(String name) Get a validation rule from the registry with the "type name" of the rule as the key.
String	getValidCreditCard(String context, String input, boolean allowNull) Returns a canonicalized and validated credit card number as a String.
String	getValidCreditCard(String context, String input, boolean allowNull, ValidationErrorList errors) Calls getValidCreditCard with the supplied errorList to capture ValidationExceptions
Date	getValidDate(String context, String input, DateFormat format, boolean allowNull) Returns a valid date as a Date.
Date	getValidDate(String context, String input, DateFormat format, boolean allowNull, ValidationErrorList errors) Calls getValidDate with the supplied errorList to capture ValidationExceptions
String	getValidDirectoryPath(String context, String input, File parent, boolean allowNull) Returns a canonicalized and validated directory path as a String, provided that the input maps to an existing directory that is an existing subdirectory (at any level) of the specified parent.
String	getValidDirectoryPath(String context, String input, File parent, boolean allowNull, ValidationErrorList errors) Calls getValidDirectoryPath with the supplied errorList to capture ValidationExceptions
Double	getValidDouble(String context, String input, double minValue, double maxValue, boolean allowNull) Returns a validated real number as a double.
Double	getValidDouble(String context, String input, double minValue, double maxValue, boolean allowNull, ValidationErrorList errors) Calls getValidDouble with the supplied errorList to capture ValidationExceptions
byte[]	getValidFileContent(String context, byte[] input, int maxBytes, boolean allowNull) Returns validated file content as a byte array.
byte[]	getValidFileContent(String context, byte[] input, int maxBytes, boolean allowNull, ValidationErrorList errors) Calls getValidFileContent with the supplied errorList to capture ValidationExceptions
String	getValidFileName(String context, String input, List<String> allowedExtensions, boolean allowNull) Returns a canonicalized and validated file name as a String.
String	getValidFileName(String context, String input, List<String> allowedParameters, boolean allowNull, ValidationErrorList errors) Calls getValidFileName with the supplied errorList to capture ValidationExceptions
String	getValidInput(String context, String input, String type, int maxLength, boolean allowNull) Validates data received from the browser and returns a safe version.
String	getValidInput(String context, String input, String type, int maxLength, boolean allowNull, boolean canonicalize) Validates data received from the browser and returns a safe version.
String	getValidInput(String context, String input, String type, int maxLength, boolean allowNull, boolean canonicalize, ValidationErrorList errors) Validates data received from the browser and returns a safe version.
String	getValidInput(String context, String input, String type, int maxLength, boolean allowNull, ValidationErrorList errors) Validates data received from the browser and returns a safe version.
Integer	getValidInteger(String context, String input, int minValue, int maxValue, boolean allowNull) Returns a validated integer.
Integer	getValidInteger(String context, String input, int minValue, int maxValue, boolean allowNull, ValidationErrorList errors) Calls getValidInteger with the supplied errorList to capture ValidationExceptions
String	getValidListItem(String context, String input, List<String> list) Returns the list item that exactly matches the canonicalized input.
String	getValidListItem(String context, String input, List<String> list, ValidationErrorList errors) ValidationErrorList variant of getValidListItem
Double	getValidNumber(String context, String input, long minValue, long maxValue, boolean allowNull) Returns a validated number as a double within the range of minValue to maxValue.
Double	getValidNumber(String context, String input, long minValue, long maxValue, boolean allowNull, ValidationErrorList errors) Calls getValidSafeHTML with the supplied errorList to capture ValidationExceptions
char[]	getValidPrintable(String context, char[] input, int maxLength, boolean allowNull) Returns canonicalized and validated printable characters as a byte array.
char[]	getValidPrintable(String context, char[] input, int maxLength, boolean allowNull, ValidationErrorList errors) ValidationErrorList variant of getValidPrintable
String	getValidPrintable(String context, String input, int maxLength, boolean allowNull) Returns canonicalized and validated printable characters as a String.
String	getValidPrintable(String context, String input, int maxLength, boolean allowNull, ValidationErrorList errors) ValidationErrorList variant of getValidPrintable
String	getValidRedirectLocation(String context, String input, boolean allowNull) Returns a canonicalized and validated redirect location as a String.
String	getValidRedirectLocation(String context, String input, boolean allowNull, ValidationErrorList errors) ValidationErrorList variant of getValidRedirectLocation
String	getValidSafeHTML(String context, String input, int maxLength, boolean allowNull) Returns canonicalized and validated "safe" HTML that does not contain unwanted scripts in the body, attributes, CSS, URLs, or anywhere else.
String	getValidSafeHTML(String context, String input, int maxLength, boolean allowNull, ValidationErrorList errors) Calls getValidSafeHTML with the supplied errorList to capture ValidationExceptions
boolean	isValidCreditCard(String context, String input, boolean allowNull) Calls getValidCreditCard and returns true if no exceptions are thrown.
boolean	isValidCreditCard(String context, String input, boolean allowNull, ValidationErrorList errors) Calls getValidCreditCard and returns true if no exceptions are thrown.
boolean	isValidDate(String context, String input, DateFormat format, boolean allowNull) Calls isValidDate and returns true if no exceptions are thrown.
boolean	isValidDate(String context, String input, DateFormat format, boolean allowNull, ValidationErrorList errors) Calls isValidDate and returns true if no exceptions are thrown.
boolean	isValidDirectoryPath(String context, String input, File parent, boolean allowNull) Calls getValidDirectoryPath and returns true if no exceptions are thrown.
boolean	isValidDirectoryPath(String context, String input, File parent, boolean allowNull, ValidationErrorList errors) Calls getValidDirectoryPath and returns true if no exceptions are thrown.
boolean	isValidDouble(String context, String input, double minValue, double maxValue, boolean allowNull) Calls getValidDouble and returns true if no exceptions are thrown.
boolean	isValidDouble(String context, String input, double minValue, double maxValue, boolean allowNull, ValidationErrorList errors) Calls getValidDouble and returns true if no exceptions are thrown.
boolean	isValidFileContent(String context, byte[] input, int maxBytes, boolean allowNull) Calls getValidFileContent and returns true if no exceptions are thrown.
boolean	isValidFileContent(String context, byte[] input, int maxBytes, boolean allowNull, ValidationErrorList errors) Calls getValidFileContent and returns true if no exceptions are thrown.
boolean	isValidFileName(String context, String input, boolean allowNull) Calls getValidFileName with the default list of allowedExtensions
boolean	isValidFileName(String context, String input, boolean allowNull, ValidationErrorList errors) Calls getValidFileName with the default list of allowedExtensions
boolean	isValidFileName(String context, String input, List<String> allowedExtensions, boolean allowNull) Calls getValidFileName and returns true if no exceptions are thrown.
boolean	isValidFileName(String context, String input, List<String> allowedExtensions, boolean allowNull, ValidationErrorList errors) Calls getValidFileName and returns true if no exceptions are thrown.
boolean	isValidFileUpload(String context, String directorypath, String filename, File parent, byte[] content, int maxBytes, boolean allowNull) Calls getValidFileUpload and returns true if no exceptions are thrown.
boolean	isValidFileUpload(String context, String directorypath, String filename, File parent, byte[] content, int maxBytes, boolean allowNull, ValidationErrorList errors) Calls getValidFileUpload and returns true if no exceptions are thrown.
boolean	isValidHTTPRequestParameterSet(String context, javax.servlet.http.HttpServletRequest request, Set<String> requiredNames, Set<String> optionalNames) Calls assertValidHTTPRequestParameterSet and returns true if no exceptions are thrown.
boolean	isValidHTTPRequestParameterSet(String context, javax.servlet.http.HttpServletRequest request, Set<String> requiredNames, Set<String> optionalNames, ValidationErrorList errors) Calls assertValidHTTPRequestParameterSet and returns true if no exceptions are thrown.
boolean	isValidInput(String context, String input, String type, int maxLength, boolean allowNull) Returns true if data received from browser is valid.
boolean	isValidInput(String context, String input, String type, int maxLength, boolean allowNull, boolean canonicalize) Calls isValidInput and returns true if no exceptions are thrown.
boolean	isValidInput(String context, String input, String type, int maxLength, boolean allowNull, boolean canonicalize, ValidationErrorList errors) Calls isValidInput and returns true if no exceptions are thrown.
boolean	isValidInput(String context, String input, String type, int maxLength, boolean allowNull, ValidationErrorList errors) Calls isValidInput and returns true if no exceptions are thrown.
boolean	isValidInteger(String context, String input, int minValue, int maxValue, boolean allowNull) Calls getValidInteger and returns true if no exceptions are thrown.
boolean	isValidInteger(String context, String input, int minValue, int maxValue, boolean allowNull, ValidationErrorList errors) Calls getValidInteger and returns true if no exceptions are thrown.
boolean	isValidListItem(String context, String input, List<String> list) Calls getValidListItem and returns true if no exceptions are thrown.
boolean	isValidListItem(String context, String input, List<String> list, ValidationErrorList errors) Calls getValidListItem and returns true if no exceptions are thrown.
boolean	isValidNumber(String context, String input, long minValue, long maxValue, boolean allowNull) Calls getValidNumber and returns true if no exceptions are thrown.
boolean	isValidNumber(String context, String input, long minValue, long maxValue, boolean allowNull, ValidationErrorList errors) Calls getValidNumber and returns true if no exceptions are thrown.
boolean	isValidPrintable(String context, char[] input, int maxLength, boolean allowNull) Calls getValidPrintable and returns true if no exceptions are thrown.
boolean	isValidPrintable(String context, char[] input, int maxLength, boolean allowNull, ValidationErrorList errors) Calls getValidPrintable and returns true if no exceptions are thrown.
boolean	isValidPrintable(String context, String input, int maxLength, boolean allowNull) Calls getValidPrintable and returns true if no exceptions are thrown.
boolean	isValidPrintable(String context, String input, int maxLength, boolean allowNull, ValidationErrorList errors) Calls getValidPrintable and returns true if no exceptions are thrown.
boolean	isValidRedirectLocation(String context, String input, boolean allowNull) Returns true if input is a valid redirect location.
boolean	isValidRedirectLocation(String context, String input, boolean allowNull, ValidationErrorList errors) Returns true if input is a valid redirect location.
boolean	isValidSafeHTML(String context, String input, int maxLength, boolean allowNull) Calls getValidSafeHTML and returns true if no exceptions are thrown.
boolean	isValidSafeHTML(String context, String input, int maxLength, boolean allowNull, ValidationErrorList errors) Calls getValidSafeHTML and returns true if no exceptions are thrown.
String	safeReadLine(InputStream in, int max) Reads from an input stream until end-of-line or a maximum number of characters.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DefaultValidator

public DefaultValidator()

Default constructor uses the ESAPI standard encoder for canonicalization.

DefaultValidator

public DefaultValidator(Encoder encoder)

Construct a new DefaultValidator that will use the specified Encoder for canonicalization.

Parameters:

encoder -

Method Detail

getInstance

public static Validator getInstance()

addRule

public void addRule(ValidationRule rule)

Add a validation rule to the registry using the "type name" of the rule as the key.

Specified by:

addRule in interface Validator

getRule

public ValidationRule getRule(String name)

Get a validation rule from the registry with the "type name" of the rule as the key.

Specified by:

getRule in interface Validator

isValidInput

public boolean isValidInput(String context,
                   String input,
                   String type,
                   int maxLength,
                   boolean allowNull)
                     throws IntrusionException

Returns true if data received from browser is valid. Double encoding is treated as an attack. The default encoder supports html encoding, URL encoding, and javascript escaping. Input is canonicalized by default before validation.

Specified by:

isValidInput in interface Validator

Parameters:

context - A descriptive name for the field to validate. This is used for error facing validation messages and element identification.

input - The actual user input data to validate.

type - The regular expression name while maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum post-canonicalized String length allowed.

allowNull - If allowNull is true then a input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

The canonicalized user input.

Throws:

IntrusionException

isValidInput

public boolean isValidInput(String context,
                   String input,
                   String type,
                   int maxLength,
                   boolean allowNull,
                   ValidationErrorList errors)
                     throws IntrusionException

Description copied from interface: Validator

Calls isValidInput and returns true if no exceptions are thrown.

Specified by:

isValidInput in interface Validator

Throws:

IntrusionException

isValidInput

public boolean isValidInput(String context,
                   String input,
                   String type,
                   int maxLength,
                   boolean allowNull,
                   boolean canonicalize)
                     throws IntrusionException

Description copied from interface: Validator

Calls isValidInput and returns true if no exceptions are thrown.

Specified by:

isValidInput in interface Validator

Throws:

IntrusionException

isValidInput

public boolean isValidInput(String context,
                   String input,
                   String type,
                   int maxLength,
                   boolean allowNull,
                   boolean canonicalize,
                   ValidationErrorList errors)
                     throws IntrusionException

Description copied from interface: Validator

Calls isValidInput and returns true if no exceptions are thrown.

Specified by:

isValidInput in interface Validator

Throws:

IntrusionException

getValidInput

public String getValidInput(String context,
                   String input,
                   String type,
                   int maxLength,
                   boolean allowNull)
                     throws ValidationException

Validates data received from the browser and returns a safe version. Double encoding is treated as an attack. The default encoder supports html encoding, URL encoding, and javascript escaping. Input is canonicalized by default before validation.

Specified by:

getValidInput in interface Validator

Parameters:

context - A descriptive name for the field to validate. This is used for error facing validation messages and element identification.

input - The actual user input data to validate.

type - The regular expression name which maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum post-canonicalized String length allowed.

allowNull - If allowNull is true then a input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

The canonicalized user input.

Throws:

ValidationException

IntrusionException

getValidInput

public String getValidInput(String context,
                   String input,
                   String type,
                   int maxLength,
                   boolean allowNull,
                   boolean canonicalize)
                     throws ValidationException

Validates data received from the browser and returns a safe version. Only URL encoding is supported. Double encoding is treated as an attack.

Specified by:

getValidInput in interface Validator

Parameters:

context - A descriptive name for the field to validate. This is used for error facing validation messages and element identification.

input - The actual user input data to validate.

type - The regular expression name which maps to the actual regular expression in the ESAPI validation configuration file

maxLength - The maximum String length allowed. If input is canonicalized per the canonicalize argument, then maxLength must be verified after canonicalization

allowNull - If allowNull is true then a input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

canonicalize - If canonicalize is true then input will be canonicalized before validation

Returns:

The user input, may be canonicalized if canonicalize argument is true

Throws:

ValidationException

IntrusionException

getValidInput

public String getValidInput(String context,
                   String input,
                   String type,
                   int maxLength,
                   boolean allowNull,
                   ValidationErrorList errors)
                     throws IntrusionException

Validates data received from the browser and returns a safe version. Only URL encoding is supported. Double encoding is treated as an attack. Input is canonicalized by default before validation.

Specified by:

getValidInput in interface Validator

Parameters:

context - A descriptive name for the field to validate. This is used for error facing validation messages and element identification.

input - The actual user input data to validate.

type - The regular expression name while maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum String length allowed. If input is canonicalized per the canonicalize argument, then maxLength must be verified after canonicalization

allowNull - If allowNull is true then a input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

errors - If ValidationException is thrown, then add to error list instead of throwing out to caller

Returns:

The canonicalized user input.

Throws:

IntrusionException

getValidInput

public String getValidInput(String context,
                   String input,
                   String type,
                   int maxLength,
                   boolean allowNull,
                   boolean canonicalize,
                   ValidationErrorList errors)
                     throws IntrusionException

Validates data received from the browser and returns a safe version. Only URL encoding is supported. Double encoding is treated as an attack.

Specified by:

getValidInput in interface Validator

Parameters:

context - A descriptive name for the field to validate. This is used for error facing validation messages and element identification.

input - The actual user input data to validate.

type - The regular expression name while maps to the actual regular expression from "ESAPI.properties".

maxLength - The maximum post-canonicalized String length allowed

allowNull - If allowNull is true then a input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

canonicalize - If canonicalize is true then input will be canonicalized before validation

errors - If ValidationException is thrown, then add to error list instead of throwing out to caller

Returns:

The user input, may be canonicalized if canonicalize argument is true

Throws:

IntrusionException

isValidDate

public boolean isValidDate(String context,
                  String input,
                  DateFormat format,
                  boolean allowNull)
                    throws IntrusionException

Calls isValidDate and returns true if no exceptions are thrown.

Specified by:

isValidDate in interface Validator

Throws:

IntrusionException

isValidDate

public boolean isValidDate(String context,
                  String input,
                  DateFormat format,
                  boolean allowNull,
                  ValidationErrorList errors)
                    throws IntrusionException

Calls isValidDate and returns true if no exceptions are thrown.

Specified by:

isValidDate in interface Validator

Throws:

IntrusionException

getValidDate

public Date getValidDate(String context,
                String input,
                DateFormat format,
                boolean allowNull)
                  throws ValidationException,
                         IntrusionException

Returns a valid date as a Date. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidDate in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

format - Required formatting of date inputted.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A valid date as a Date

Throws:

ValidationException

IntrusionException

getValidDate

public Date getValidDate(String context,
                String input,
                DateFormat format,
                boolean allowNull,
                ValidationErrorList errors)
                  throws IntrusionException

Calls getValidDate with the supplied errorList to capture ValidationExceptions

Specified by:

getValidDate in interface Validator

Throws:

IntrusionException

isValidSafeHTML

public boolean isValidSafeHTML(String context,
                      String input,
                      int maxLength,
                      boolean allowNull)
                        throws IntrusionException

Calls getValidSafeHTML and returns true if no exceptions are thrown.

Specified by:

isValidSafeHTML in interface Validator

Throws:

IntrusionException

isValidSafeHTML

public boolean isValidSafeHTML(String context,
                      String input,
                      int maxLength,
                      boolean allowNull,
                      ValidationErrorList errors)
                        throws IntrusionException

Calls getValidSafeHTML and returns true if no exceptions are thrown.

Specified by:

isValidSafeHTML in interface Validator

Throws:

IntrusionException

getValidSafeHTML

public String getValidSafeHTML(String context,
                      String input,
                      int maxLength,
                      boolean allowNull)
                        throws ValidationException,
                               IntrusionException

Returns canonicalized and validated "safe" HTML that does not contain unwanted scripts in the body, attributes, CSS, URLs, or anywhere else. Implementors should reference the OWASP AntiSamy project for ideas on how to do HTML validation in a whitelist way, as this is an extremely difficult problem. This implementation relies on the OWASP AntiSamy project.

Specified by:

getValidSafeHTML in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

maxLength - The maximum String length allowed.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

Valid safe HTML

Throws:

ValidationException

IntrusionException

getValidSafeHTML

public String getValidSafeHTML(String context,
                      String input,
                      int maxLength,
                      boolean allowNull,
                      ValidationErrorList errors)
                        throws IntrusionException

Calls getValidSafeHTML with the supplied errorList to capture ValidationExceptions

Specified by:

getValidSafeHTML in interface Validator

Throws:

IntrusionException

isValidCreditCard

public boolean isValidCreditCard(String context,
                        String input,
                        boolean allowNull)
                          throws IntrusionException

Calls getValidCreditCard and returns true if no exceptions are thrown.

Specified by:

isValidCreditCard in interface Validator

Throws:

IntrusionException

isValidCreditCard

public boolean isValidCreditCard(String context,
                        String input,
                        boolean allowNull,
                        ValidationErrorList errors)
                          throws IntrusionException

Calls getValidCreditCard and returns true if no exceptions are thrown.

Specified by:

isValidCreditCard in interface Validator

Throws:

IntrusionException

getValidCreditCard

public String getValidCreditCard(String context,
                        String input,
                        boolean allowNull)
                          throws ValidationException,
                                 IntrusionException

Returns a canonicalized and validated credit card number as a String. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidCreditCard in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual user input data to validate.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A valid credit card number

Throws:

ValidationException

IntrusionException

getValidCreditCard

public String getValidCreditCard(String context,
                        String input,
                        boolean allowNull,
                        ValidationErrorList errors)
                          throws IntrusionException

Calls getValidCreditCard with the supplied errorList to capture ValidationExceptions

Specified by:

getValidCreditCard in interface Validator

Throws:

IntrusionException

isValidDirectoryPath

public boolean isValidDirectoryPath(String context,
                           String input,
                           File parent,
                           boolean allowNull)
                             throws IntrusionException

Calls getValidDirectoryPath and returns true if no exceptions are thrown.

Note: On platforms that support symlinks, this function will fail canonicalization if directorypath is a symlink. For example, on MacOS X, /etc is actually /private/etc. If you mean to use /etc, use its real path (/private/etc), not the symlink (/etc).

Specified by:

isValidDirectoryPath in interface Validator

Throws:

IntrusionException

isValidDirectoryPath

public boolean isValidDirectoryPath(String context,
                           String input,
                           File parent,
                           boolean allowNull,
                           ValidationErrorList errors)
                             throws IntrusionException

Calls getValidDirectoryPath and returns true if no exceptions are thrown.

Note: On platforms that support symlinks, this function will fail canonicalization if directorypath is a symlink. For example, on MacOS X, /etc is actually /private/etc. If you mean to use /etc, use its real path (/private/etc), not the symlink (/etc).

Specified by:

isValidDirectoryPath in interface Validator

Throws:

IntrusionException

getValidDirectoryPath

public String getValidDirectoryPath(String context,
                           String input,
                           File parent,
                           boolean allowNull)
                             throws ValidationException,
                                    IntrusionException

Returns a canonicalized and validated directory path as a String, provided that the input maps to an existing directory that is an existing subdirectory (at any level) of the specified parent. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException. Instead of throwing a ValidationException on error, this variant will store the exception inside of the ValidationErrorList.

Specified by:

getValidDirectoryPath in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A valid directory path

Throws:

ValidationException

IntrusionException

getValidDirectoryPath

public String getValidDirectoryPath(String context,
                           String input,
                           File parent,
                           boolean allowNull,
                           ValidationErrorList errors)
                             throws IntrusionException

Calls getValidDirectoryPath with the supplied errorList to capture ValidationExceptions

Specified by:

getValidDirectoryPath in interface Validator

Throws:

IntrusionException

isValidFileName

public boolean isValidFileName(String context,
                      String input,
                      boolean allowNull)
                        throws IntrusionException

Calls getValidFileName with the default list of allowedExtensions

Specified by:

isValidFileName in interface Validator

Throws:

IntrusionException

isValidFileName

public boolean isValidFileName(String context,
                      String input,
                      boolean allowNull,
                      ValidationErrorList errors)
                        throws IntrusionException

Calls getValidFileName with the default list of allowedExtensions

Specified by:

isValidFileName in interface Validator

Throws:

IntrusionException

isValidFileName

public boolean isValidFileName(String context,
                      String input,
                      List<String> allowedExtensions,
                      boolean allowNull)
                        throws IntrusionException

Calls getValidFileName and returns true if no exceptions are thrown.

Specified by:

isValidFileName in interface Validator

Throws:

IntrusionException

isValidFileName

public boolean isValidFileName(String context,
                      String input,
                      List<String> allowedExtensions,
                      boolean allowNull,
                      ValidationErrorList errors)
                        throws IntrusionException

Calls getValidFileName and returns true if no exceptions are thrown.

Specified by:

isValidFileName in interface Validator

Throws:

IntrusionException

getValidFileName

public String getValidFileName(String context,
                      String input,
                      List<String> allowedExtensions,
                      boolean allowNull)
                        throws ValidationException,
                               IntrusionException

Returns a canonicalized and validated file name as a String. Implementors should check for allowed file extensions here, as well as allowed file name characters, as declared in "ESAPI.properties". Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidFileName in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A valid file name

Throws:

ValidationException

IntrusionException

getValidFileName

public String getValidFileName(String context,
                      String input,
                      List<String> allowedParameters,
                      boolean allowNull,
                      ValidationErrorList errors)
                        throws IntrusionException

Calls getValidFileName with the supplied errorList to capture ValidationExceptions

Specified by:

getValidFileName in interface Validator

Throws:

IntrusionException

isValidNumber

public boolean isValidNumber(String context,
                    String input,
                    long minValue,
                    long maxValue,
                    boolean allowNull)
                      throws IntrusionException

Calls getValidNumber and returns true if no exceptions are thrown.

Specified by:

isValidNumber in interface Validator

Throws:

IntrusionException

isValidNumber

public boolean isValidNumber(String context,
                    String input,
                    long minValue,
                    long maxValue,
                    boolean allowNull,
                    ValidationErrorList errors)
                      throws IntrusionException

Calls getValidNumber and returns true if no exceptions are thrown.

Specified by:

isValidNumber in interface Validator

Throws:

IntrusionException

getValidNumber

public Double getValidNumber(String context,
                    String input,
                    long minValue,
                    long maxValue,
                    boolean allowNull)
                      throws ValidationException,
                             IntrusionException

Returns a validated number as a double within the range of minValue to maxValue. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidNumber in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

minValue - Lowest legal value for input.

maxValue - Highest legal value for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A validated number as a double.

Throws:

ValidationException

IntrusionException

getValidNumber

public Double getValidNumber(String context,
                    String input,
                    long minValue,
                    long maxValue,
                    boolean allowNull,
                    ValidationErrorList errors)
                      throws IntrusionException

Calls getValidSafeHTML with the supplied errorList to capture ValidationExceptions

Specified by:

getValidNumber in interface Validator

Throws:

IntrusionException

isValidDouble

public boolean isValidDouble(String context,
                    String input,
                    double minValue,
                    double maxValue,
                    boolean allowNull)
                      throws IntrusionException

Calls getValidDouble and returns true if no exceptions are thrown.

Specified by:

isValidDouble in interface Validator

Throws:

IntrusionException

isValidDouble

public boolean isValidDouble(String context,
                    String input,
                    double minValue,
                    double maxValue,
                    boolean allowNull,
                    ValidationErrorList errors)
                      throws IntrusionException

Calls getValidDouble and returns true if no exceptions are thrown.

Specified by:

isValidDouble in interface Validator

Throws:

IntrusionException

getValidDouble

public Double getValidDouble(String context,
                    String input,
                    double minValue,
                    double maxValue,
                    boolean allowNull)
                      throws ValidationException,
                             IntrusionException

Returns a validated real number as a double. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidDouble in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

minValue - Lowest legal value for input.

maxValue - Highest legal value for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A validated real number as a double.

Throws:

ValidationException

IntrusionException

getValidDouble

public Double getValidDouble(String context,
                    String input,
                    double minValue,
                    double maxValue,
                    boolean allowNull,
                    ValidationErrorList errors)
                      throws IntrusionException

Calls getValidDouble with the supplied errorList to capture ValidationExceptions

Specified by:

getValidDouble in interface Validator

Throws:

IntrusionException

isValidInteger

public boolean isValidInteger(String context,
                     String input,
                     int minValue,
                     int maxValue,
                     boolean allowNull)
                       throws IntrusionException

Calls getValidInteger and returns true if no exceptions are thrown.

Specified by:

isValidInteger in interface Validator

Throws:

IntrusionException

isValidInteger

public boolean isValidInteger(String context,
                     String input,
                     int minValue,
                     int maxValue,
                     boolean allowNull,
                     ValidationErrorList errors)
                       throws IntrusionException

Calls getValidInteger and returns true if no exceptions are thrown.

Specified by:

isValidInteger in interface Validator

Throws:

IntrusionException

getValidInteger

public Integer getValidInteger(String context,
                      String input,
                      int minValue,
                      int maxValue,
                      boolean allowNull)
                        throws ValidationException,
                               IntrusionException

Returns a validated integer. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidInteger in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

minValue - Lowest legal value for input.

maxValue - Highest legal value for input.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A validated number as an integer.

Throws:

ValidationException

IntrusionException

getValidInteger

public Integer getValidInteger(String context,
                      String input,
                      int minValue,
                      int maxValue,
                      boolean allowNull,
                      ValidationErrorList errors)
                        throws IntrusionException

Calls getValidInteger with the supplied errorList to capture ValidationExceptions

Specified by:

getValidInteger in interface Validator

Throws:

IntrusionException

isValidFileContent

public boolean isValidFileContent(String context,
                         byte[] input,
                         int maxBytes,
                         boolean allowNull)
                           throws IntrusionException

Calls getValidFileContent and returns true if no exceptions are thrown.

Specified by:

isValidFileContent in interface Validator

Throws:

IntrusionException

isValidFileContent

public boolean isValidFileContent(String context,
                         byte[] input,
                         int maxBytes,
                         boolean allowNull,
                         ValidationErrorList errors)
                           throws IntrusionException

Calls getValidFileContent and returns true if no exceptions are thrown.

Specified by:

isValidFileContent in interface Validator

Throws:

IntrusionException

getValidFileContent

public byte[] getValidFileContent(String context,
                         byte[] input,
                         int maxBytes,
                         boolean allowNull)
                           throws ValidationException,
                                  IntrusionException

Returns validated file content as a byte array. This is a good place to check for max file size, allowed character sets, and do virus scans. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidFileContent in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The actual input data to validate.

maxBytes - The maximum number of bytes allowed in a legal file.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A byte array containing valid file content.

Throws:

ValidationException

IntrusionException

getValidFileContent

public byte[] getValidFileContent(String context,
                         byte[] input,
                         int maxBytes,
                         boolean allowNull,
                         ValidationErrorList errors)
                           throws IntrusionException

Calls getValidFileContent with the supplied errorList to capture ValidationExceptions

Specified by:

getValidFileContent in interface Validator

Throws:

IntrusionException

isValidFileUpload

public boolean isValidFileUpload(String context,
                        String directorypath,
                        String filename,
                        File parent,
                        byte[] content,
                        int maxBytes,
                        boolean allowNull)
                          throws IntrusionException

Calls getValidFileUpload and returns true if no exceptions are thrown.

Note: On platforms that support symlinks, this function will fail canonicalization if directorypath is a symlink. For example, on MacOS X, /etc is actually /private/etc. If you mean to use /etc, use its real path (/private/etc), not the symlink (/etc).

Specified by:

isValidFileUpload in interface Validator

Throws:

IntrusionException

isValidFileUpload

public boolean isValidFileUpload(String context,
                        String directorypath,
                        String filename,
                        File parent,
                        byte[] content,
                        int maxBytes,
                        boolean allowNull,
                        ValidationErrorList errors)
                          throws IntrusionException

Calls getValidFileUpload and returns true if no exceptions are thrown.

Note: On platforms that support symlinks, this function will fail canonicalization if directorypath is a symlink. For example, on MacOS X, /etc is actually /private/etc. If you mean to use /etc, use its real path (/private/etc), not the symlink (/etc).

Specified by:

isValidFileUpload in interface Validator

Throws:

IntrusionException

assertValidFileUpload

public void assertValidFileUpload(String context,
                         String directorypath,
                         String filename,
                         File parent,
                         byte[] content,
                         int maxBytes,
                         List<String> allowedExtensions,
                         boolean allowNull)
                           throws ValidationException,
                                  IntrusionException

Validates the filepath, filename, and content of a file. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

assertValidFileUpload in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

directorypath - The file path of the uploaded file.

filename - The filename of the uploaded file

content - A byte array containing the content of the uploaded file.

maxBytes - The max number of bytes allowed for a legal file upload.

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Throws:

ValidationException

IntrusionException

assertValidFileUpload

public void assertValidFileUpload(String context,
                         String filepath,
                         String filename,
                         File parent,
                         byte[] content,
                         int maxBytes,
                         List<String> allowedExtensions,
                         boolean allowNull,
                         ValidationErrorList errors)
                           throws IntrusionException

Calls getValidFileUpload with the supplied errorList to capture ValidationExceptions

Specified by:

assertValidFileUpload in interface Validator

Throws:

IntrusionException

isValidListItem

public boolean isValidListItem(String context,
                      String input,
                      List<String> list)

Calls getValidListItem and returns true if no exceptions are thrown. Returns true if input is a valid list item.

Specified by:

isValidListItem in interface Validator

isValidListItem

public boolean isValidListItem(String context,
                      String input,
                      List<String> list,
                      ValidationErrorList errors)

Calls getValidListItem and returns true if no exceptions are thrown. Returns true if input is a valid list item.

Specified by:

isValidListItem in interface Validator

getValidListItem

public String getValidListItem(String context,
                      String input,
                      List<String> list)
                        throws ValidationException,
                               IntrusionException

Returns the list item that exactly matches the canonicalized input. Invalid or non-matching input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidListItem in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - The value to search 'list' for.

list - The list to search for 'input'.

Returns:

The list item that exactly matches the canonicalized input.

Throws:

ValidationException

IntrusionException

getValidListItem

public String getValidListItem(String context,
                      String input,
                      List<String> list,
                      ValidationErrorList errors)
                        throws IntrusionException

ValidationErrorList variant of getValidListItem

Specified by:

getValidListItem in interface Validator

Parameters:

errors -

Throws:

IntrusionException

isValidHTTPRequestParameterSet

public boolean isValidHTTPRequestParameterSet(String context,
                                     javax.servlet.http.HttpServletRequest request,
                                     Set<String> requiredNames,
                                     Set<String> optionalNames)

Calls assertValidHTTPRequestParameterSet and returns true if no exceptions are thrown.

Specified by:

isValidHTTPRequestParameterSet in interface Validator

isValidHTTPRequestParameterSet

public boolean isValidHTTPRequestParameterSet(String context,
                                     javax.servlet.http.HttpServletRequest request,
                                     Set<String> requiredNames,
                                     Set<String> optionalNames,
                                     ValidationErrorList errors)

Calls assertValidHTTPRequestParameterSet and returns true if no exceptions are thrown.

Specified by:

isValidHTTPRequestParameterSet in interface Validator

assertValidHTTPRequestParameterSet

public void assertValidHTTPRequestParameterSet(String context,
                                      javax.servlet.http.HttpServletRequest request,
                                      Set<String> required,
                                      Set<String> optional)
                                        throws ValidationException,
                                               IntrusionException

Validates that the parameters in the current request contain all required parameters and only optional ones in addition. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException. Uses current HTTPRequest

Specified by:

assertValidHTTPRequestParameterSet in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

required - parameters that are required to be in HTTP request

optional - additional parameters that may be in HTTP request

Throws:

ValidationException

IntrusionException

assertValidHTTPRequestParameterSet

public void assertValidHTTPRequestParameterSet(String context,
                                      javax.servlet.http.HttpServletRequest request,
                                      Set<String> required,
                                      Set<String> optional,
                                      ValidationErrorList errors)
                                        throws IntrusionException

ValidationErrorList variant of assertIsValidHTTPRequestParameterSet Uses current HTTPRequest saved in ESAPI Authenticator

Specified by:

assertValidHTTPRequestParameterSet in interface Validator

Parameters:

errors -

Throws:

IntrusionException

isValidPrintable

public boolean isValidPrintable(String context,
                       char[] input,
                       int maxLength,
                       boolean allowNull)
                         throws IntrusionException

Calls getValidPrintable and returns true if no exceptions are thrown. Checks that all bytes are valid ASCII characters (between 33 and 126 inclusive). This implementation does no decoding. http://en.wikipedia.org/wiki/ASCII.

Specified by:

isValidPrintable in interface Validator

Throws:

IntrusionException

isValidPrintable

public boolean isValidPrintable(String context,
                       char[] input,
                       int maxLength,
                       boolean allowNull,
                       ValidationErrorList errors)
                         throws IntrusionException

Calls getValidPrintable and returns true if no exceptions are thrown. Checks that all bytes are valid ASCII characters (between 33 and 126 inclusive). This implementation does no decoding. http://en.wikipedia.org/wiki/ASCII.

Specified by:

isValidPrintable in interface Validator

Throws:

IntrusionException

getValidPrintable

public char[] getValidPrintable(String context,
                       char[] input,
                       int maxLength,
                       boolean allowNull)
                         throws ValidationException,
                                IntrusionException

Returns canonicalized and validated printable characters as a byte array. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidPrintable in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - data to be returned as valid and printable

maxLength - Maximum number of bytes stored in 'input'

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

a byte array containing only printable characters, made up of data from 'input'

Throws:

IntrusionException

ValidationException

getValidPrintable

public char[] getValidPrintable(String context,
                       char[] input,
                       int maxLength,
                       boolean allowNull,
                       ValidationErrorList errors)
                         throws IntrusionException

ValidationErrorList variant of getValidPrintable

Specified by:

getValidPrintable in interface Validator

Parameters:

errors -

Throws:

IntrusionException

isValidPrintable

public boolean isValidPrintable(String context,
                       String input,
                       int maxLength,
                       boolean allowNull)
                         throws IntrusionException

Calls getValidPrintable and returns true if no exceptions are thrown. Returns true if input is valid printable ASCII characters (32-126).

Specified by:

isValidPrintable in interface Validator

Throws:

IntrusionException

isValidPrintable

public boolean isValidPrintable(String context,
                       String input,
                       int maxLength,
                       boolean allowNull,
                       ValidationErrorList errors)
                         throws IntrusionException

Calls getValidPrintable and returns true if no exceptions are thrown. Returns true if input is valid printable ASCII characters (32-126).

Specified by:

isValidPrintable in interface Validator

Throws:

IntrusionException

getValidPrintable

public String getValidPrintable(String context,
                       String input,
                       int maxLength,
                       boolean allowNull)
                         throws ValidationException,
                                IntrusionException

Returns canonicalized and validated printable characters as a String. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidPrintable in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - data to be returned as valid and printable

maxLength - Maximum number of bytes stored in 'input' after canonicalization

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

a String containing only printable characters, made up of data from 'input'

Throws:

IntrusionException

ValidationException

getValidPrintable

public String getValidPrintable(String context,
                       String input,
                       int maxLength,
                       boolean allowNull,
                       ValidationErrorList errors)
                         throws IntrusionException

ValidationErrorList variant of getValidPrintable

Specified by:

getValidPrintable in interface Validator

Parameters:

errors -

Throws:

IntrusionException

isValidRedirectLocation

public boolean isValidRedirectLocation(String context,
                              String input,
                              boolean allowNull)
                                throws IntrusionException

Returns true if input is a valid redirect location.

Specified by:

isValidRedirectLocation in interface Validator

Throws:

IntrusionException

isValidRedirectLocation

public boolean isValidRedirectLocation(String context,
                              String input,
                              boolean allowNull,
                              ValidationErrorList errors)
                                throws IntrusionException

Returns true if input is a valid redirect location.

Specified by:

isValidRedirectLocation in interface Validator

Throws:

IntrusionException

getValidRedirectLocation

public String getValidRedirectLocation(String context,
                              String input,
                              boolean allowNull)
                                throws ValidationException,
                                       IntrusionException

Returns a canonicalized and validated redirect location as a String. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack will generate a descriptive IntrusionException.

Specified by:

getValidRedirectLocation in interface Validator

Parameters:

context - A descriptive name of the parameter that you are validating (e.g., LoginPage_UsernameField). This value is used by any logging or error handling that is done with respect to the value passed in.

input - redirect location to be returned as valid, according to encoding rules set in "ESAPI.properties"

allowNull - If allowNull is true then an input that is NULL or an empty string will be legal. If allowNull is false then NULL or an empty String will throw a ValidationException.

Returns:

A canonicalized and validated redirect location, as defined in "ESAPI.properties"

Throws:

ValidationException

IntrusionException

getValidRedirectLocation

public String getValidRedirectLocation(String context,
                              String input,
                              boolean allowNull,
                              ValidationErrorList errors)
                                throws IntrusionException

ValidationErrorList variant of getValidRedirectLocation

Specified by:

getValidRedirectLocation in interface Validator

Parameters:

errors -

Throws:

IntrusionException

safeReadLine

public String safeReadLine(InputStream in,
                  int max)
                    throws ValidationException

Reads from an input stream until end-of-line or a maximum number of characters. This method protects against the inherent denial of service attack in reading until the end of a line. If an attacker doesn't ever send a newline character, then a normal input stream reader will read until all memory is exhausted and the platform throws an OutOfMemoryError and probably terminates. This implementation reads until a newline or the specified number of characters.

Specified by:

safeReadLine in interface Validator

Parameters:

in -

max -

Returns:

a String containing the current line of inputStream

Throws:

ValidationException