camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Müller <christian.muel...@gmail.com>
Subject Re: Security: Input validation in camel
Date Thu, 20 Jun 2013 19:13:03 GMT
Yes, there is no explicit input validation.
Yes, you can add a generic OwaspInterceptor by using "interceptFrom()".
It's global per Camel context.

Best,
Christian
-----------------

Software Integration Specialist

Apache Camel committer: https://camel.apache.org/team
V.P. Apache Camel: https://www.apache.org/foundation/
Apache Member: https://www.apache.org/foundation/members.html

https://www.linkedin.com/pub/christian-mueller/11/551/642


On Thu, Jun 20, 2013 at 5:29 PM, Frank Ertl <
frank.ertl@f-i-solutions-plus.de> wrote:

> Hi folks,
>
> is there any input validation in camel regarding secure coding guidelines
> as
> the OWASP suggests (check for nullbytes, hazardous characters, and so on)?
> My research in the mailinglist and the wiki didn't turn up anything, but
> that doesn't mean there is no such thing.
>
> If there is really nothing: Do I interpret the documentation of
> interceptFrom() correct, when I think that this is global for all routes,
> so
> I could add an generic "OwaspInterceptor" to all my routes?
>
> Regards,
> Frank
>
>
>
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/Security-Input-validation-in-camel-tp5734451.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message