/
Encoding libraries

Encoding libraries

Owned by Former user (Deleted)
Last updated: May 23, 2017Version comment

Input validation is essential to prevent untrusted input of getting executed, the use of encoding libraries available can assist on enforcing strict input control. 

Java Security Libraries:

Apache Shiro: authentication, access control, authorization, session management and cryptography

Spring Security: authentication, access control.

Encoding Libraries:

OWASP ESAPI

OWASP Java Encoder Project

DOMPurify

jPurify

MentalJS

Java HTML Sanitizer

OWASP JSON Sanitizer

OWASP Java HTML Sanitizer

OWASP Java Encoder Project

Prevention:

HTML5 XSS attack vectors

DOM based XSS Prevention Cheat Sheet

Handling Untrusted JSON safely

Testing:

Jacks Codiscope

Testing Checklist

Related content

Secure Coding Guidelines for Java - Resources
Secure Coding Guidelines for Java - Resources
Pentaho Engineering
More like this
References
References
Pentaho Engineering
More like this
A3 Cross-site Scripting (XSS)
A3 Cross-site Scripting (XSS)
Pentaho Engineering
More like this
JS Sanitization with Caja
JS Sanitization with Caja
Pentaho Engineering
More like this
A1 Injection
A1 Injection
Pentaho Engineering
More like this
Terminology 2.x-3.0.x
Terminology 2.x-3.0.x
BI Platform
More like this