| Author |
Input Validation Error
|
Nelo Angelo
Ranch Hand
Joined: Jul 25, 2011
Posts: 44
|
|
Hi there,
I was trying an input validation example taken from the OWASP ESAPI and I am getting the following error:
Error: Cannot make a static reference to the non-static method getValidInput(String, String, String, int, boolean) from the type Validator
Html:
Servlet
Any suggestions?
|
I love java but she hates me... :'(
|
 |
Seetharaman Venkatasamy
Bartender
Joined: Jan 28, 2008
Posts: 4503
|
|
|
the error message states getValidInput method is not a static method. but you have made a static method call which is wrong!
|
Not everything that counts can be counted, and not everything that can be counted counts-Albert Einstein
|
|
Nelo Angelo
Ranch Hand
Joined: Jul 25, 2011
Posts: 44
|
|
Hi,
Thanks for the reply. I made proper adjustments to the syntax and now I am getting the following exception:
type Exception report
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
javax.servlet.ServletException: Servlet execution threw an exception
root cause
java.lang.NoClassDefFoundError: org/owasp/validator/html/PolicyException
com.example.web.InputValidation.doPost(InputValidation.java:44)
New Code:
|
|
Seetharaman Venkatasamy
Bartender
Joined: Jan 28, 2008
Posts: 4503
|
|
|
http://docs.oracle.com/javase/7/docs/api/java/lang/NoClassDefFoundError.html
|
|
Kevin W. Wall
Greenhorn
Joined: Jan 29, 2012
Posts: 1
|
|
Nelo Angelo wrote:Hi,
Thanks for the reply. I made proper adjustments to the syntax and now I am getting the following exception:
type Exception report
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
javax.servlet.ServletException: Servlet execution threw an exception
root cause
java.lang.NoClassDefFoundError: org/owasp/validator/html/PolicyException
com.example.web.InputValidation.doPost(InputValidation.java:44)
New Code:
First, rather than using
I would recommend using:
Secondly, what version of ESAPI are you using? The latest version (which I would highly recommend) is 2.0.1.
Lots of bug fixes in ESAPI 2.0.x. The reason I ask is that ESAPI 2.0 has no PolicyException. In fact, Validator.isValidInput() throws IntrusionException not PolicyException. (See
http://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/owasp/esapi/Validator.html#isValidInput%28java.lang.String,%20java.lang.String,%20java.lang.String,%20int,%20boolean%29)
Thirdly, I'd recommend that you post ESAPI questions to the ESAPI-User mailing list if you have ESAPI specific questions. You can sign up for that mailing list at:
https://lists.owasp.org/mailman/listinfo/esapi-user
Hope this helps somewhat.
-kevin wall
|
|
Nelo Angelo
Ranch Hand
Joined: Jul 25, 2011
Posts: 44
|
|
Hi kevin, thanks for the reply. I ran the code with the changes you suggested but the same exception keeps appearing.
I am using ESAPI 1.4.4.
Also, when I run other projects that use ESAPI (SqlInjection prevention), it runs successfully, but produces the following warning:
Thanks for the info about their mailing list. I forwarded this issue to them and hope that this problem would be fixed soon. 
|
|
 |
|
|
subject: Input Validation Error
|
|
|
0
