Home

Awesome

OWASP Enterprise Security API for Java

<img src="https://raw.githubusercontent.com/ESAPI/esapi-java/master/static/ESAPI%20Logo.png" width="100" height="100" />

Welcome to the Home of ESAPI 3.x

News

First off, if you are looking for a version of ESAPI to use with your JVM-based project, this is not the one you are looking for. Instead, you want the latest ESAPI 2.x version from esapi-java-legacy. This ESAPI repo is for the development of ESAPI 3 which is still in the very early planning stages. The code that is currently in this GitHub repo (as of 2020-07-17) is likely to be completely rewritten, possibly several times, therefore please do not bother to submit PRs or GitHub issues relating to outdated or vulnerable dependencies. ESAPI 3 has not been released, even as a Release Candidate and we will make sure all the dependencies are updated when we do get around to making RC versions available.

If you wish to participate, please sign up for the Google Group "esapi-project-dev", and feel free to start a new discussion thread. Note you MUST subscribe to the Google Group list before you may POST to it. Subscribe to ESAPI Developers list.

Notes

For more information on ESAPI or information on ESAPI 2.x please visit our wiki page at https://owasp.org/www-project-enterprise-security-api/ and before you start using ESAPI, do yourself a favor and be sure to read the "Should I use ESAPI?" tab there.