This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

AppSensor DetectionPoint RE1

Revision as of 14:27, 1 June 2010 by John Melton (talk | contribs) (created)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Here is some sample code that can be used to detect RE1.

//the execution of this line will create an exception if an attack is found - ie. something like TRACE is the request method (valid, but not for this app)
boolean isValid = AttackDetectorUtils.verifyValidRequestMethod(myServletRequest, AttackDetectorUtils.POST); 
if (! isValid) {
    notify user ... ???