You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@camel.apache.org by Frank Ertl <fr...@f-i-solutions-plus.de> on 2013/06/20 17:29:27 UTC

Security: Input validation in camel

Hi folks,

is there any input validation in camel regarding secure coding guidelines as
the OWASP suggests (check for nullbytes, hazardous characters, and so on)?
My research in the mailinglist and the wiki didn't turn up anything, but
that doesn't mean there is no such thing. 

If there is really nothing: Do I interpret the documentation of
interceptFrom() correct, when I think that this is global for all routes, so
I could add an generic "OwaspInterceptor" to all my routes? 

Regards,
Frank
 





--
View this message in context: http://camel.465427.n5.nabble.com/Security-Input-validation-in-camel-tp5734451.html
Sent from the Camel - Users mailing list archive at Nabble.com.

Re: Security: Input validation in camel

Posted by Christian Müller <ch...@gmail.com>.

Yes, there is no explicit input validation.
Yes, you can add a generic OwaspInterceptor by using "interceptFrom()".
It's global per Camel context.

Best,
Christian
-----------------

Software Integration Specialist

Apache Camel committer: https://camel.apache.org/team
V.P. Apache Camel: https://www.apache.org/foundation/
Apache Member: https://www.apache.org/foundation/members.html

https://www.linkedin.com/pub/christian-mueller/11/551/642


On Thu, Jun 20, 2013 at 5:29 PM, Frank Ertl <
frank.ertl@f-i-solutions-plus.de> wrote:

> Hi folks,
>
> is there any input validation in camel regarding secure coding guidelines
> as
> the OWASP suggests (check for nullbytes, hazardous characters, and so on)?
> My research in the mailinglist and the wiki didn't turn up anything, but
> that doesn't mean there is no such thing.
>
> If there is really nothing: Do I interpret the documentation of
> interceptFrom() correct, when I think that this is global for all routes,
> so
> I could add an generic "OwaspInterceptor" to all my routes?
>
> Regards,
> Frank
>
>
>
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/Security-Input-validation-in-camel-tp5734451.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>