public String getParameter(String name, boolean allowNull, int maxLength, String regexName) {
String orig = getHttpServletRequest().getParameter(name);
String clean = null;
try {
clean =
ESAPI.validator().getValidInput("HTTP parameter name: " + name, orig, regexName, maxLength, allowNull);
} catch (ValidationException e) {
}
return clean;
}
I have configured a filter which is wrapping the HttpServletRequest and cleaning up the request data to prevent my application from Reflected XSS. But whenever I am submit any data which contains any HTML entity in the request, my application is navigating to a blank page. when I debugged the code, I found that getValidInput is returning null and logging a intrusion exception in server.log file. Any help is appreciated. TIA.