Created October 22, 2012 10:15
Use the ESAPI canonicalize security function in ColdFusion 8.01 and 9
<cfset strText = 'Hello, world. This is the <strong>greatest</strong> example in the world.' />
<!--- Instantiate the ESAPI object. --->
<cfset objESAPI = createObject("java","org.owasp.esapi.ESAPI") />
<!--- Assign the Encoder class to a new variable. --->
<cfset objEncoder = objESAPI.encoder() />
<!---
	Canonicalize the provided string.
	canonicalize() decodes encoded input to its simplest form; it does not strip or escape markup,
	so the result still needs output encoding before it is rendered.
	The two false arguments (restrictMultiple, restrictMixed) mean multiple and mixed encoding are not rejected.
--->
<cfset strClean = objEncoder.canonicalize(strText, false, false) />
<!---
	In this example we created a separate object for the Encoder class.
	You could simply call the canonicalize function this way, too:
	<cfset strClean = objESAPI.encoder().canonicalize('whatever your input string is') />
--->
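
The gist calls `canonicalize` with both restriction flags set to false. The following added example (not part of the original gist) runs the same call beside the strict form on a double-encoded string, then encodes the result for HTML output. The input value and the variable names `strInput`, `strLenient`, `strStrict` and `blnRejected` are constructed for illustration, and it assumes the bundled ESAPI version exposes the same three-argument `canonicalize` the gist uses.

```cfml
<!--- Added example; the input value below is constructed for illustration. --->
<cfset objEncoder = createObject("java", "org.owasp.esapi.ESAPI").encoder() />

<!--- Constructed sample: "<b>hello</b>" percent-encoded twice (%25 decodes to %). --->
<cfset strInput = "%253Cb%253Ehello%253C%252Fb%253E" />

<!--- Lenient, as in the gist: nested encoding is decoded and the result returned. --->
<cfset strLenient = objEncoder.canonicalize(strInput, false, false) />

<!--- Strict: restrictMultiple and restrictMixed are both true, so nested
      encoding raises an IntrusionException instead of being decoded. --->
<cfset blnRejected = false />
<cfset strStrict = "" />
<cftry>
	<cfset strStrict = objEncoder.canonicalize(strInput, true, true) />
	<cfcatch type="org.owasp.esapi.errors.IntrusionException">
		<!--- Treat the request as invalid rather than using the decoded value. --->
		<cfset blnRejected = true />
	</cfcatch>
</cftry>

<cfoutput>
	<!--- The canonical form still contains markup, so encode it for the HTML context. --->
	Lenient result: #objEncoder.encodeForHTML(strLenient)#<br />
	Strict mode rejected input: #blnRejected#
</cfoutput>
```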