我正在尝试运行一个使用 ESAPI 进行编码的示例程序。
这是示例程序
package hello;
import java.io.UnsupportedEncodingException;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Encoder;
import org.owasp.esapi.errors.EncodingException;
public class Sample {
public static void main(String[] args) {
// TODO Auto-generated method stub
String encodedString = encodeForXML("comma underscore hyphen");
System.out.println("The encoded string is "+encodedString);
}
public static String encodeForXML(String str)
{
return ESAPI.encoder().encodeForXML(str);
}
}
这导致异常
Exception in thread "main" org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException Encoder class (org.owasp.esapi.reference.DefaultEncoder) CTOR threw exception.
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:129)
at org.owasp.esapi.ESAPI.encoder(ESAPI.java:101)
at hello.HelloWorld.encodeForXML(HelloWorld.java:24)
at hello.HelloWorld.main(HelloWorld.java:14)
Caused by: java.lang.reflect.InvocationTargetException
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:86)
... 3 more
Caused by: java.lang.ExceptionInInitializerError
at java.base/java.lang.Class.forName0(Native Method)
at java.base/java.lang.Class.forName(Class.java:377)
at org.owasp.esapi.util.ObjFactory.loadClassByStringName(ObjFactory.java:158)
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:81)
at org.owasp.esapi.ESAPI.logFactory(ESAPI.java:139)
at org.owasp.esapi.ESAPI.getLogger(ESAPI.java:155)
at org.owasp.esapi.reference.DefaultEncoder.<init>(DefaultEncoder.java:83)
at org.owasp.esapi.reference.DefaultEncoder.getInstance(DefaultEncoder.java:67)
... 8 more
Caused by: org.owasp.esapi.errors.ConfigurationException: Unable to locate resource: esapi-java-logging.properties
at org.owasp.esapi.logging.java.JavaLogFactory.readLoggerConfiguration(JavaLogFactory.java:95)
at org.owasp.esapi.logging.java.JavaLogFactory.<clinit>(JavaLogFactory.java:81)
... 16 more
我正在使用 Maven 构建并在我的 pom.xml 中包含 ESAPI 依赖项,还在 src/main/resources 中包含 esapi.properties 和 validation.properties(均从此处下载:https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.1.1),并且都已成功加载控制台中的消息。请让我知道我在这里遗漏了什么。
最佳答案
@avgvstvs 绝对正确。如果您查看 JavaLogFactory 的 Javadoc,它指出: “此实现要求类路径中存在名为‘esapi-java-logging.properties’的文件。”
ESAPI 查找此特定属性文件的规则与查找 ESAPI.properties 的规则不同。这是有原因的,但解释起来很复杂,因为记录器组件的引导方式与其他 ESAPI 组件略有不同。
关于maven - 编码器类 (org.owasp.esapi.reference.DefaultEncoder) CTOR 抛出异常,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/65001509/