Tuesday, December 15, 2020

Input validation of number in JSP

 As per one security flaw in security scan Input Validation : We have to validate input is number or not .

Use below code for same


<jsp:forward page="AccessError.jsp">

<jsp:param name="storeId" value="${WCParam.storeId}" />

<jsp:param name="langId" value="${WCParam.langId}" />

<jsp:param name="catalogId" value="${WCParam.catalogId}" />

</jsp:forward>


Solution used was: 

<c:set var="storeId">
		<c:if test="${WCParam.storeId.matches('[0-9]+')}">
		   <c:out value="${WCParam.storeId}"/>

	        </c:if></c:set>
Posted by at 1 comment:
Labels:
Subscribe to: Posts (Atom)