A C D E F G H I J K L M N O P R S T U V W

S

SECURITY - Static variable in interface org.owasp.esapi.Logger

The SECURITY.

SecurityConfiguration - interface org.owasp.esapi.SecurityConfiguration.

The ISecurityConfiguration interface stores all configuration information that directs the behavior of the ESAPI implementation.

SecurityConfiguration.Threshold - class org.owasp.esapi.SecurityConfiguration.Threshold.

SecurityConfiguration.Threshold(String, int, long, List) - Constructor for class org.owasp.esapi.SecurityConfiguration.Threshold

safeAddCookie(String, String, int, String, String) - Method in interface org.owasp.esapi.HTTPUtilities

Adds a cookie to the specified HttpServletResponse and adds the Http-Only flag.

safeAddCookie(String, String, int, String, String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

Adds a cookie to the HttpServletResponse that uses Secure and HttpOnly flags.

safeAddCookie(Cookie) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeAddHeader(String, String) - Method in interface org.owasp.esapi.HTTPUtilities

Adds a header to an HttpServletResponse after checking for special characters (such as CRLF injection) that could enable attacks like response splitting and other header-based attacks that nobody has thought of yet.

safeAddHeader(String, String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeEncodeRedirectURL(String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

Return exactly what was sent to prevent URL rewriting.

safeEncodeRedirectUrl(String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

Deprecated.

safeEncodeURL(String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

Return exactly what was sent to prevent URL rewriting.

safeEncodeUrl(String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

Deprecated.

safeReadLine(InputStream, int) - Method in interface org.owasp.esapi.Validator

Reads from an input stream until end-of-line or a maximum number of characters.

safeReadLine(InputStream, int) - Method in class org.owasp.esapi.reference.DefaultValidator

This implementation reads until a newline or the specified number of characters.

safeSendError(int) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSendError(int, String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSendForward(String, String) - Method in interface org.owasp.esapi.HTTPUtilities

This method perform a forward to any resource located inside the WEB-INF directory.

safeSendForward(String, String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSendRedirect(String, String) - Method in interface org.owasp.esapi.HTTPUtilities

This method generates a redirect response that can only be used to redirect the browser to safe locations.

safeSendRedirect(String, String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSetCharacterEncodingInRequest(String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSetCharacterEncodingInResponse(String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSetContentType() - Method in interface org.owasp.esapi.HTTPUtilities

Sets the content type on each HTTP response, to help protect against cross-site scripting attacks and other types of injection into HTML documents.

safeSetContentType() - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

Set the character encoding on every HttpServletResponse in order to limit the ways in which the input data can be represented.

safeSetDateHeader(String, long) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSetHeader(String, String) - Method in interface org.owasp.esapi.HTTPUtilities

Sets a header in an HttpServletResponse after checking for special characters (such as CRLF injection) that could enable attacks like response splitting and other header-based attacks that nobody has thought of yet.

safeSetHeader(String, String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSetIntHeader(String, int) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSetLocale(Locale) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSetStatus(int) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

safeSetStatus(int, String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

seal(String, long) - Method in interface org.owasp.esapi.Encryptor

Creates a seal that binds a set of data and includes an expiration timestamp.

seal(String, long) - Method in class org.owasp.esapi.reference.JSEEncryptor

securityConfiguration() - Static method in class org.owasp.esapi.ESAPI

setAccessController(AccessController) - Static method in class org.owasp.esapi.ESAPI

setAccountName(String) - Method in interface org.owasp.esapi.User

Sets the account name.

setAccountName(String) - Method in class org.owasp.esapi.reference.DefaultUser

Sets the account name.

setAuthenticator(Authenticator) - Static method in class org.owasp.esapi.ESAPI

setCurrentHTTP(HttpServletRequest, HttpServletResponse) - Method in interface org.owasp.esapi.HTTPUtilities

Stores the current HttpRequest and HttpResponse so that they may be readily accessed throughout ESAPI (and elsewhere)

setCurrentHTTP(HttpServletRequest, HttpServletResponse) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

setCurrentUser(User) - Method in interface org.owasp.esapi.Authenticator

Sets the currently logged in User.

setCurrentUser(User) - Method in class org.owasp.esapi.reference.FileBasedAuthenticator

setEncoder(Encoder) - Static method in class org.owasp.esapi.ESAPI

setEncryptor(Encryptor) - Static method in class org.owasp.esapi.ESAPI

setExecutor(Executor) - Static method in class org.owasp.esapi.ESAPI

setExpirationTime(Date) - Method in class org.owasp.esapi.reference.DefaultUser

Sets the expiration time.

setHttpUtilities(HTTPUtilities) - Static method in class org.owasp.esapi.ESAPI

setIntrusionDetector(IntrusionDetector) - Static method in class org.owasp.esapi.ESAPI

setLastFailedLoginTime(Date) - Method in class org.owasp.esapi.reference.DefaultUser

Sets the last failed login time.

setLastHostAddress(String) - Method in class org.owasp.esapi.reference.DefaultUser

Sets the last remote host address used by this User.

setLastLoginTime(Date) - Method in class org.owasp.esapi.reference.DefaultUser

Sets the last login time.

setLastPasswordChangeTime(Date) - Method in class org.owasp.esapi.reference.DefaultUser

Sets the last password change time.

setLogger(LogFactory) - Static method in class org.owasp.esapi.ESAPI

setName(String) - Method in class org.owasp.esapi.tags.EncodeForHTMLAttributeTag

setName(String) - Method in class org.owasp.esapi.tags.EncodeForHTMLJavaScriptTag

setName(String) - Method in class org.owasp.esapi.tags.EncodeForHTMLTag

setName(String) - Method in class org.owasp.esapi.tags.EncodeForVBScriptTag

setNoCacheHeaders() - Method in interface org.owasp.esapi.HTTPUtilities

Set headers to protect sensitive information against being cached in the browser.

setNoCacheHeaders() - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

Set headers to protect sensitive information against being cached in the browser.

setProperty(String, String) - Method in interface org.owasp.esapi.EncryptedProperties

Encrypts the plaintext property value and stores the ciphertext value in the encrypted store.

setProperty(String, String) - Method in class org.owasp.esapi.reference.DefaultEncryptedProperties

setRandomizer(Randomizer) - Static method in class org.owasp.esapi.ESAPI

setRememberToken(String, int, String, String) - Method in interface org.owasp.esapi.HTTPUtilities

Set a cookie containing the current User's remember me token for automatic authentication.

setRememberToken(String, int, String, String) - Method in class org.owasp.esapi.reference.DefaultHTTPUtilities

Save the user's remember me token in a cookie.

setResourceDirectory(String) - Method in interface org.owasp.esapi.SecurityConfiguration

Sets the ESAPI resource directory.

setResourceDirectory(String) - Method in class org.owasp.esapi.reference.DefaultSecurityConfiguration

setRoles(Set) - Method in interface org.owasp.esapi.User

Sets the roles.

setRoles(Set) - Method in class org.owasp.esapi.reference.DefaultUser

Sets the roles.

setScreenName(String) - Method in interface org.owasp.esapi.User

Sets the screen name.

setScreenName(String) - Method in class org.owasp.esapi.reference.DefaultUser

setSecurityConfiguration(SecurityConfiguration) - Static method in class org.owasp.esapi.ESAPI

setValidator(Validator) - Static method in class org.owasp.esapi.ESAPI

sign(String) - Method in interface org.owasp.esapi.Encryptor

Create a digital signature for the provided data and return it in a string.

sign(String) - Method in class org.owasp.esapi.reference.JSEEncryptor

store(OutputStream, String) - Method in class org.owasp.esapi.reference.DefaultEncryptedProperties

Store.