This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

ESAPI Validation

From OWASP
Revision as of 14:32, 11 December 2008 by Alexsmolen (talk | contribs) (Possible Enhancements)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Possible Enhancements

  • Reduce the number of required parameters to validation methods by creating new methods signatures that use default parameters.
  • Change the Validation methods to Validation classes that can be applied in a Strategy Pattern. This means that rather than having specific methods such as validateCreditCard and validateEmailAddress there would be a Validator interface which would be implemented by classes like CreditCardValidator and EmailAddressValidator. This is analogous to the Encoding classes in ESAPI. This offers the benefit that new Validation classes can be created and current Validation classes can be modified without changing the interface. Additionally, Validators can be stacked to provide multiple forms of validation