Housekeeping, OSGI start/stop, Parameterized some hardcoded values. #663

Merged
merged 17 commits into from
Feb 26, 2022

xeno6696
Collaborator

Also, this updates AntiSamy to 1.6.5. This also records the changes for #661 and the revert commit. (If we ever want to return to OSGI manifests it's at least in the revision history.)

@xeno6696 xeno6696 changed the title Housekeeping PR to ensure that I'm in sync with the REPO and that my key changes are recorded. Housekeeping, OSGI start/stop, Parameterized some hardcoded values. Feb 25, 2022
configuration/esapi/ESAPI.properties: Outdated, resolved
src/test/resources/esapi/ESAPI.properties: Outdated, resolved
Collaborator Author

@xeno6696 xeno6696 left a comment

@kwwall the change to zero is in this commit here.

@xeno6696 xeno6696 requested a review from kwwall February 26, 2022 03:43
@kwwall kwwall merged commit 0f9ab8a into ESAPI:develop Feb 26, 2022
kwwall added a commit that referenced this pull request Apr 8, 2022
* Signed key history for MATT SEIL begins here.

* Signed key history for MATT SEIL begins here.  Fixed email typo.

* Revert "Signed key history for MATT SEIL begins here.  Fixed email typo."

This reverts commit 87c4c4e.

* created file on main.

* Deleted foo.txt

* Bump release to new patch version #.

* #661 Added ability to generate OSGi metadata with the command 'mvn org.apache.felix:maven-bundle-plugin:manifest'.

* Updated to AntiSamy 1.6.5.

* Revert "#661 Added ability to generate OSGi metadata with the command 'mvn org.apache.felix:maven-bundle-plugin:manifest'."

This reverts commit 9fa2a53.

* #656 -->  Parameterized cookie name length and value to correspond with the HTTP maxes defined in esapi.properties.

* Adjusted regex to allow for zero-length matches.

* Added per review comments for PR #663

* #656 Finished sweep looking for headername, headervalue, and header value sizes as well as the 'Cookie' versions of those statements.  Added unit tests.

* #663 Fixed a missed unit test.

* Antisamy 1.6.6, Antisamy regression test for analysis 1.  A handful of new regression tests for other purposes in validation and encoder tests.

* Attempting to fix classfile differences with antisamy dependencies.

* Fixed typo on exclusion.

* Added xerces exclusion to antisamy in the pom.xml

* Added test cases 2 & 3.

* Added test cases 2 & 3.  @ignore on test case 3 from AntiSamy as the DOS is still present.

* Forced my version to match Wichers.

* Added a pair of unit tests for canonicalization to prove out an issue opened up on github.  One of which however reminded me that we need a codec to account for UTF-8 encoding/decoding.

Co-authored-by: Matt Seil <xeno6696[at]gmail.com>
Co-authored-by: kwwall <kevin.w.wall@gmail.com>