Canoniclizing out of EncodeforLdap or EncodeForDN if contains specific characters like "(, ) #" etc. messes up the input.

Description

From shilpi.a...@gmail.com on September 28, 2012 07:16:09

What steps will reproduce the problem? I can do EncodeForLdap and EncodeForDN however the output when passed through canonicalize, is garbage.

Try using test string - "Hi (This) ="
Here "(" is converted to \28 on encoding. On decoding it gets converted to Character 2 which is stx i.e. nothing. What is the expected output? What do you see instead? Input string before encoding should be returned What version of the product are you using? On what operating system? 2.0.1 Does this issue affect only a specified browser or set of browsers? all browsers Please provide any additional information below. I can do EncodeForLdap and EncodeForDN however the output when passed through canonicalize, is garbage.

Try using test string - "Hi (This) ="
Here "(" is converted to \28 on encoding. On decoding it gets converted to Character 2 which is stx i.e. nothing.

Please help.

Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=287

Environment

None

Status

Assignee

Unassigned

Reporter

Max Gelman

Priority

Configure