VCG generates a lot of results with the following message:
The application appears to use data contained in the
HttpServletRequest without validation or sanitisation.
No validator plug-ins were located in the application's
XML files.
I was wondering which validator plugins are supported/detected.
Thanks in advance
Last edit: Rodrigo Ruiz 2014-07-01
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
It makes a fairly simple check for Struts validation in any XML files it encounters and also assumes some other type of validation is in place if any method called 'validate' is applied to input data.
Thanks
Nick
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
VCG generates a lot of results with the following message:
I was wondering which validator plugins are supported/detected.
Thanks in advance
Last edit: Rodrigo Ruiz 2014-07-01
Hi Rodrigo
It makes a fairly simple check for Struts validation in any XML files it encounters and also assumes some other type of validation is in place if any method called 'validate' is applied to input data.
Thanks
Nick