Commit

Improved documentation (#853)
* Updated README.md
DebajitKumarPhukan authored Sep 14, 2024
1 parent cb02efe commit 57c12af
Showing 1 changed file with 36 additions and 1 deletion.
37 changes: 36 additions & 1 deletion README.md
Expand Up @@ -30,7 +30,7 @@ specific Jakarta version of ESAPI, in Maven, you would specify your ESAPI depend
<dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
<version>2.5.3.0-SNAPSHOT</version>
<version>2.5.4.0</version>
<classifier>jakarta</classifier>
</dependency>
```
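Review bot: the version in this Jakarta dependency snippet (2.5.4.0) does not match the Quickstart added further down in the same README, which says `2.5.3.0 [or later]`, so one file gives readers two different answers about which release to depend on. Use the same release in both snippets, or state once that the latest release should be substituted, so the number here does not go stale again at the next release.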
Expand All @@ -46,6 +46,41 @@ fact, without the
```
that's the version that will be used by default.

# Quickstart - Maven Example
### Step 1: Add the required maven dependencies.
```xml
<dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
<version>2.5.3.0 [or later]</version>
<classifier>jakarta</classifier>
</dependency>
<!-- Add the below dependency if the not using JakartaEE -->
<dependency>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
<version>6.1.0</version>
<scope>provided</scope>
</dependency>
```
### Step 2: Create 2 properties file namely: ESAPI.properties and validation.properties and add them to your classpath. You can refer to below for boilerplate configurations.
[ESAPI.properties](https://github.com/ESAPI/esapi-java-legacy/blob/develop/configuration/esapi/ESAPI.properties) <br/>
[validation.properties](https://github.com/ESAPI/esapi-java-legacy/blob/develop/configuration/esapi/validation.properties)

### Step 3: Let's say, you want to remediate log injection vulnerabilities. Below is an example to achieve it.
```code
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Logger;
public class Example {
private static Logger LOGGER = ESAPI.getLogger(Example.class);
public void printLog(){
LOGGER.info(Logger.EVENT_SUCCESS, "Log injection remediated !");
}
}
```
For more examples, please visit [https://owasp.org/www-project-enterprise-security-api/](https://owasp.org/www-project-enterprise-security-api/).

# A word about ESAPI vulnerabilities
A summary of all the vulnerabilities that we have written about in either the
ESAPI Security Bulletins or in the GitHub Security Advisories may be found
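Review bot: the Step 3 example logs only the fixed literal "Log injection remediated !", so no untrusted value ever reaches the logger and the snippet does not show the log injection case its heading names. Pass a value that stands in for user input (for example a method parameter of `printLog`) to `LOGGER.info` so the reader sees the call that matters. In Step 1, `<version>2.5.3.0 [or later]</version>` is not a resolvable Maven version and fails if copied as written; give a concrete release and move "or later" into an XML comment. Smaller points: the XML comment "if the not using JakartaEE" has a stray "the", the Java fence is tagged `code` rather than `java`, `LOGGER` can be `private static final`, and the Step 2 and Step 3 headings would read better as a short heading followed by a sentence.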