0

我使用 ESAPI jar 进行验证。当我调用 isValidInput(Context, input.trim(), ValidateConstant.APLHA_NUMERIC_TYPE, maxLength, true); 或 isValidInput(Context, input, ValidateConstant.NUMERIC_TYPE, maxLength, true); 并且输入错误的特殊字符。然后它会抛出一些像

org.owasp.esapi.errors.ValidationException: input: Invalid input. Please conform to regex ^[0-9]*$ with a maximum length of 15
    at org.owasp.esapi.reference.validation.StringValidationRule.checkWhitelist(StringValidationRule.java:144)
    at org.owasp.esapi.reference.validation.StringValidationRule.checkWhitelist(StringValidationRule.java:160)
    at org.owasp.esapi.reference.validation.StringValidationRule.getValid(StringValidationRule.java:284)
    at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:214)
    at org.owasp.esapi.reference.DefaultValidator.isValidInput(DefaultValidator.java:152)
    at org.owasp.esapi.reference.DefaultValidator.isValidInput(DefaultValidator.java:143)

这在我单独执行程序时显示。

如何将此异常集成到我的应用程序 server.log 文件中?

4

1 回答 1

0

IntrusionDetector.org.owasp.esapi.errors.IntegrityException.actions=log,disable,logout

# rapid validation errors indicate scans or attacks in progress
# org.owasp.esapi.errors.ValidationException.count=10
# org.owasp.esapi.errors.ValidationException.interval=10
# org.owasp.esapi.errors.ValidationException.actions=log,logout

# sessions jumping between hosts indicates session hijacking
IntrusionDetector.org.owasp.esapi.errors.AuthenticationHostException.count=2
IntrusionDetector.org.owasp.esapi.errors.AuthenticationHostException.interval=10
IntrusionDetector.org.owasp.esapi.errors.AuthenticationHostException.actions=log,logout


#===========================================================================
# ESAPI Validation
#
# The ESAPI Validator works on regular expressions with defined names. You can define names
# either here, or you may define application specific patterns in a separate file defined below.
# This allows enterprises to specify both organizational standards as well as application specific
# validation rules.
于 2015-01-29T06:59:19.940 回答