Could someone explain this to me?
Locked
Could someone explain this to me?
 
|
version 803418 (9.04)
Where is this log messaging coming from? What framework or other component is generating it? And under what types of conditions? Aug 13, 2009 7:56:49 PM AppNameNotSpecified IntrusionDetector WARNING: SECURITY-FAILURE Anonymous@unknown:unknown -- Invalid HTML input: context=body, errors=[The <b>table</b> tag has been filtered for security reasons. The contents of the tag will remain in place., The <b>tr</b> tag has been filtered for security reasons. The contents of the tag will remain in place., The <b>th</b> tag has been filtered for security reasons. The contents of the tag will remain in place., The <b>tr... *[THIS PART REMOVED]* ...contents of the tag will remain in place., The <b>td</b> tag has been filtered for security reasons. The contents of the tag will remain in place.] ValidationException @ org.owasp.esapi.reference.DefaultValidator.getValidSafeHTML(null:-1) Thanks Ruth |
Re: Could someone explain this to me?
|
|
Hi Ruth,
I believe this is the standard Ofbiz validation of incoming parameters to a service. It appears this is used when the incoming parameter has been marked as to allow only "safe" html. The implementation makes use of the DefaultValidator below and can be configured by changing the a xml file. Here is the comment in the code: Based on the ESAPI validator configured in the antisamy-esapi.xml file. So from this I would gauge that you had put something in your screen and then clicked to post that information to the sever. One of the fields from your form post contains some characters that the validator deemed to not be "safe". This type of stuff is usually to guard against sql injection and such ... My guess is that you pasted some html into a textarea and tried to do a save?
|
Re: Could someone explain this to me?
|
|
Hi Bob:
Thanks for the response. Based on your answer, I'm wondering when OFBiz started doing this and where in the code/or configuration files I can go to remove this logging. Could this be part of scrubbing that is done as a precursor to using the sendMail service? I'm trying to figure out where this is happening. I am posting some text from a textarea. And I'm saving that and then formatting and sending an email with some of that content. Thanks again. Ruth Bob Morley wrote: > Hi Ruth, > > I believe this is the standard Ofbiz validation of incoming parameters to a > service. It appears this is used when the incoming parameter has been > marked as to allow only "safe" html. The implementation makes use of the > DefaultValidator below and can be configured by changing the a xml file. > Here is the comment in the code: > > Based on the ESAPI validator configured in the antisamy-esapi.xml file. > > So from this I would gauge that you had put something in your screen and > then clicked to post that information to the sever. One of the fields from > your form post contains some characters that the validator deemed to not be > "safe". This type of stuff is usually to guard against sql injection and > such ... My guess is that you pasted some html into a textarea and tried to > do a save? > > > Ruth Hoffman-2 wrote: > >> version 803418 (9.04) >> Where is this log messaging coming from? What framework or other >> component is generating it? And under what types of conditions? >> >> Aug 13, 2009 7:56:49 PM AppNameNotSpecified IntrusionDetector >> WARNING: SECURITY-FAILURE Anonymous@unknown:unknown -- Invalid HTML >> input: context=body, errors=[The table tag has been filtered for >> security reasons. The contents of the tag will remain in place., The >> tr tag has been filtered for security reasons. The contents of >> the tag will remain in place., The th tag has been filtered for >> security reasons. The contents of the tag will remain in place., The >> tr... *[THIS PART REMOVED]* ...contents of the tag will remain in >> place., The td tag has been filtered for security reasons. The >> contents of the tag will remain in place.] >> ValidationException @ >> org.owasp.esapi.reference.DefaultValidator.getValidSafeHTML(null:-1) >> >> Thanks >> Ruth >> >> >> >> > > |
Re: Could someone explain this to me?
Administrator
|
From: "Ruth Hoffman" <[hidden email]>
> Hi Bob: > Thanks for the response. Based on your answer, I'm wondering when OFBiz started doing this This effort began around november 2008 and "ended" (not totally complete, say 98%, see https://issues.apache.org/jira/browse/OFBIZ-1525 for instance) around Mars 2009 >and where in the code/or configuration files I can go to remove this logging. I'm afraid there is nothing in OFBiz currently in OFBiz to remove this kind of loggin. It may be doable and is a part of Esapi (http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API) >Could this be part of scrubbing that is done as a precursor to using the sendMail service? Not it's not specifically related to that. Jacques >I'm trying to figure out where this is happening. I am posting some text from a textarea. And I'm saving that and then formatting >and sending an email with some of that content. > > Thanks again. > Ruth > Bob Morley wrote: >> Hi Ruth, >> >> I believe this is the standard Ofbiz validation of incoming parameters to a >> service. It appears this is used when the incoming parameter has been >> marked as to allow only "safe" html. The implementation makes use of the >> DefaultValidator below and can be configured by changing the a xml file. Here is the comment in the code: >> >> Based on the ESAPI validator configured in the antisamy-esapi.xml file. >> >> So from this I would gauge that you had put something in your screen and >> then clicked to post that information to the sever. One of the fields from >> your form post contains some characters that the validator deemed to not be >> "safe". This type of stuff is usually to guard against sql injection and >> such ... My guess is that you pasted some html into a textarea and tried to >> do a save? >> >> >> Ruth Hoffman-2 wrote: >> >>> version 803418 (9.04) >>> Where is this log messaging coming from? What framework or other component is generating it? And under what types of conditions? >>> >>> Aug 13, 2009 7:56:49 PM AppNameNotSpecified IntrusionDetector >>> WARNING: SECURITY-FAILURE Anonymous@unknown:unknown -- Invalid HTML input: context=body, errors=[The table tag has been filtered >>> for security reasons. The contents of the tag will remain in place., The tr tag has been filtered for security reasons. The >>> contents of the tag will remain in place., The th tag has been filtered for security reasons. The contents of the tag will >>> remain in place., The tr... *[THIS PART REMOVED]* ...contents of the tag will remain in place., The td tag has been filtered for >>> security reasons. The contents of the tag will remain in place.] >>> ValidationException @ org.owasp.esapi.reference.DefaultValidator.getValidSafeHTML(null:-1) >>> >>> Thanks >>> Ruth >>> >>> >>> >>> >> >> > |
«
Return to OFBiz - User
|
1 view|%1 views
| Free forum by Nabble | Edit this page |