ESAPI Secure Coding Guideline

The following is a typical list of web application security requirements, showing how you can use ESAPI to implement each one. Requirements that ESAPI handles automatically have been left out.

=Using Security Controls=

Secure Configuration and Deployment

=Avoiding Specific Risks=

Denial of Service

=Banned APIs=

The following calls are dangerous and should be replaced with the safer calls provided by ESAPI.