comment out the native2ascii for now

planetlevel · planetlevel · commit 5810ff070946 · 2009-05-28T04:25:29.000Z
diff --git a/.classpath b/.classpath
@@ -1,8 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <classpath>
 	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
+	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
 	<classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources"/>
 	<classpathentry kind="con" path="org.maven.ide.eclipse.MAVEN2_CLASSPATH_CONTAINER"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/jdk1.5.0_19"/>
 	<classpathentry kind="output" path="target/classes"/>
 </classpath>
diff --git a/.project b/.project
@@ -9,15 +9,24 @@
 		This can result in significant cost savings across the SDLC.</comment>
   <projects/>
   <buildSpec>
+    <buildCommand>
+      <name>org.eclipse.wst.common.project.facet.core.builder</name>
+    </buildCommand>
     <buildCommand>
       <name>org.eclipse.jdt.core.javabuilder</name>
     </buildCommand>
+    <buildCommand>
+      <name>org.eclipse.wst.validation.validationbuilder</name>
+    </buildCommand>
     <buildCommand>
       <name>org.maven.ide.eclipse.maven2Builder</name>
     </buildCommand>
   </buildSpec>
   <natures>
     <nature>org.maven.ide.eclipse.maven2Nature</nature>
+    <nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
+    <nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
     <nature>org.eclipse.jdt.core.javanature</nature>
+    <nature>org.eclipse.wst.common.project.facet.core.nature</nature>
   </natures>
 </projectDescription>
diff --git a/pom.xml b/pom.xml
@@ -123,6 +123,8 @@
 					<downloadSources>true</downloadSources>
 				</configuration>
 			</plugin>
+
+<!-- This doesn't seem to work reliably
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-antrun-plugin</artifactId>
@@ -156,6 +158,8 @@
 				  </dependency>
 			 </dependencies>
 			</plugin>
+-->
+			
 		</plugins>
 	</build>
 	<reporting>
diff --git a/src/main/java/org/owasp/esapi/PreparedString.java b/src/main/java/org/owasp/esapi/PreparedString.java
@@ -0,0 +1,51 @@
+/**
+ * OWASP Enterprise Security API (ESAPI)
+ * 
+ * This file is part of the Open Web Application Security Project (OWASP)
+ * Enterprise Security API (ESAPI) project. For details, please see
+ * <a href="http://www.owasp.org/index.php/ESAPI">http://www.owasp.org/index.php/ESAPI</a>.
+ *
+ * Copyright (c) 2007 - The OWASP Foundation
+ * 
+ * The ESAPI is published by OWASP under the BSD license. You should read and accept the
+ * LICENSE before you use, modify, and/or redistribute this software.
+ * 
+ * @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a>
+ * @created 2007
+ */
+package org.owasp.esapi;
+
+
+/**
+ * A parameterized string that can be used to send data to an interpreter.
+ * 
+ * PreparedString div = new PreparedString( �<a href=�@1� onmouseover=�alert(�@2�)�>test</a>� );
+ * div.setURL( 1, request.getParameter( �url� ) );
+ * div.setJavaScriptString( 2, request.getParameter( �message� ) );
+ * out.println( div.toString() );
+ * 
+ * // escaping for SQL
+ * PreparedString query = new PreparedString( �SELECT * FROM users WHERE name=@1 AND password=@2� );
+ * query.setSQLString( 1, request.getParameter( �name� ) );
+ * query.setSQLString( 1, request.getParameter( �pass� ) );
+ * stmt.execute( query.toString() );
+ * 
+ * @author Jeff Williams (jeff.williams .at. aspectsecurity.com) <a
+ *         href="http://www.aspectsecurity.com">Aspect Security</a>
+ * @since June 1, 2007
+ */
+public class PreparedString {
+	String template = null;
+	char parameterCharacter = '@';
+	
+	public PreparedString( String template ) {
+		this.template = template;
+	}
+	
+	public void setParameterCharacter( char c ) {
+		parameterCharacter = c;
+	}
+	
+	/// FIXME: xxx
+	
+}
diff --git a/src/main/java/org/owasp/esapi/codecs/Codec.java b/src/main/java/org/owasp/esapi/codecs/Codec.java
@@ -70,7 +70,12 @@ public String encode(char[] immune, String input) {
         }
         return sb.toString();
     }
-
+    
+//    public abstract String encodeString( String input ) ;
+	
+//    public abstract String encodeDate( String input ) ;
+	
+//    public abstract String encodeNumber( String input ) ;
 	
 	/**
 	 * Default implementation that should be overridden in specific codecs.

Original file line number	Diff line number	Diff line change
`@@ -70,7 +70,12 @@ public String encode(char[] immune, String input) {`
`70`	`70`	`}`
`71`	`71`	`return sb.toString();`
`72`	`72`	`}`
`73`		`-`
	`73`	`+`
	`74`	`+// public abstract String encodeString( String input ) ;`
	`75`	`+`
	`76`	`+// public abstract String encodeDate( String input ) ;`
	`77`	`+`
	`78`	`+// public abstract String encodeNumber( String input ) ;`
`74`	`79`
`75`	`80`	`/**`
`76`	`81`	`* Default implementation that should be overridden in specific codecs.`