我有一个JSP页面,我会接受名字,电子邮件,电话,位置和评论。
在此页面中,firstname和comments将接受特殊字符。
当我点击发送按钮时,它会为下面的字符抛出错误。
! * ? \ % } { = < > ~ `
但是,如果我发送以下字符,它不会抛出任何错误,它会传递这些字符
@ # $ ^ & ( ) _ + - ' " : ; / . , | ] [
当我传递下面的字符时
! * ? \ % } { = < > ~ `
我会收到这些错误
SecurityConfiguration for ESAPI.IntrusionDetector not found in ESAPI.properties. Using default: org.owasp.esapi.reference.DefaultIntrusionDetector
SecurityConfiguration for Logger.LogEncodingRequired not found in ESAPI.properties. Using default: false
SecurityConfiguration for ESAPI.HTTPUtilities not found in ESAPI.properties. Using default: org.owasp.esapi.reference.DefaultHTTPUtilities
SecurityConfiguration for ESAPI.HTTPUtilities not found in ESAPI.properties. Using default: org.owasp.esapi.reference.DefaultHTTPUtilities
SecurityConfiguration for ESAPI.Authenticator not found in ESAPI.properties. Using default: org.owasp.esapi.reference.FileBasedAuthenticator
SecurityConfiguration for ESAPI.Authenticator not found in ESAPI.properties. Using default: org.owasp.esapi.reference.FileBasedAuthenticator