BoxLang 🚀 A New JVM Dynamic Language Learn More...
⚡︎ BoxLang Module: ESAPI & Antisamy Module
|:------------------------------------------------------: |
| ⚡︎ B o x L a n g ⚡︎
| Dynamic : Modular : Productive
|:------------------------------------------------------: |
Copyright Since 2023 by Ortus Solutions, Corp
www.boxlang.io | www.ortussolutions.com
This module provides ESAPI functionality for stronger, more secure applications. This module is part of the BoxLang project.
BIFs
Encoding
This module contributes the following ESAPI encoding BIFs:
encodeFor()- see cfdocs.org/encodeForesapiEncode()- see cfdocs.org/esapiEncodeencodeForSQL()- see cfdocs.org/encodeForSQLencodeForCSS()- see cfdocs.org/encodeForCSSencodeForDN()- see cfdocs.org/encodeForDNencodeForHTML()- see cfdocs.org/encodeForHTMLencodeForHTMLAttribute()- see cfdocs.org/encodeForHTMLAttributeencodeForJavaScript()- see cfdocs.org/encodeForJavaScriptencodeForLDAP()- see cfdocs.org/encodeForLDAPencodeForURL()- see cfdocs.org/encodeForURLencodeForXML()- see cfdocs.org/encodeForXMLencodeForXMLAttribute()- see cfdocs.org/encodeForXMLAttributeencodeForXPath()- see cfdocs.org/encodeForXPath
Decoding
This module contributes the following ESAPI decoding BIFs:
canonicalize()- see cfdocs.org/canonicalizedecodeFor()esapiDecode()- see cfdocs.org/esapiDecodedecodeForBase64()- see cfdocs.org/decodeForBase64decodeForHTML()- see cfdocs.org/decodeForHTMLdecodeForJSON()- see cfdocs.org/decodeForJSONdecodeFromURL()- see cfdocs.org/decodeFromURL
Other
This module contributes these remaining ESAPI BIFs:
getSafeHTML()- see cfdocs.org/getSafeHTMLisSafeHTML()- see cfdocs.org/isSafeHTMLsanitizeHTML()- see cfdocs.org/sanitizeHTML
Component
This module contains no BoxLang Components.
Examples
Encode user-supplied data in HTML to avoid XSS vulnerabilities:
<bx:output>
<h2>#encodeForHTML( book.title )#</h2>
<a href="#encodeForHTMLAttribute( book.goodreadsURL )#">Read on Goodreads</a>
</bx:output>
Ortus Sponsors
BoxLang is a professional open-source project and it is completely funded by the community and Ortus Solutions, Corp. Ortus Patreons get many benefits like a cfcasts account, a FORGEBOX Pro account and so much more. If you are interested in becoming a sponsor, please visit our patronage page: https://patreon.com/ortussolutions
THE DAILY BREAD
"I am the way, and the truth, and the life; no one comes to the Father, but by me (JESUS)" Jn 14:1-12
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
Unreleased
1.1.0 - 2024-09-16
Added
- Upgraded to all latest CI
1.0.0 - 2024-06-13
- Upgraded to latest ESAPI due to CVE
- First iteration of this module
-
Ortus Solutions
- Published
-
1.1.0+3 is the latest of 6 release(s)
Published
- Published on {{ getFullDate("2024-09-16T19:54:54Z") }}
-
-
Apache-2.0
- boxlang-modules/bx-esapi
Use It
$
box install bx-esapi
Collaborators 0
Stats
- {{ getFullDate("2024-05-14T22:23:15Z") }}
- {{ getFullDate("2024-09-16T19:54:54Z") }}
- 550
- 885