Merge branch 'develop' into issue_494

jeremiahjstacey · jeremiahjstacey · commit cd6d803a5297 · 2019-09-28T19:08:09.000-05:00
diff --git a/src/main/java/org/owasp/esapi/Validator.java b/src/main/java/org/owasp/esapi/Validator.java
@@ -48,8 +48,14 @@
  */
 public interface Validator {
 
+	/**
+	 * Add a validation rule to the registry using the "type name" of the rule as the key.
+	 */
 	void addRule( ValidationRule rule );
 
+	/**
+	 * Get a validation rule from the registry with the "type name" of the rule as the key.
+	 */
 	ValidationRule getRule( String name );
 
 	/**
diff --git a/src/main/java/org/owasp/esapi/filters/SecurityWrapperRequest.java b/src/main/java/org/owasp/esapi/filters/SecurityWrapperRequest.java
@@ -154,7 +154,7 @@ public Cookie[] getCookies() {
             // build a new clean cookie
             try {
                 // get data from original cookie
-                String name = ESAPI.validator().getValidInput("Cookie name: " + c.getName(), c.getName(), "HTTPCookieName", sc.getIntProp("HttpUtilities.MaxHeaderNameSize"), true);
+                String name = ESAPI.validator().getValidInput("Cookie name: " + c.getName(), c.getName(), "HTTPCookieName", sc.getIntProp("HttpUtilities.MaxHeaderNameSize"), false);
                 String value = ESAPI.validator().getValidInput("Cookie value: " + c.getValue(), c.getValue(), "HTTPCookieValue", sc.getIntProp("HttpUtilities.MaxHeaderValueSize"), true);
                 int maxAge = c.getMaxAge();
                 String domain = c.getDomain();
diff --git a/src/test/java/org/owasp/esapi/filters/SecurityWrapperRequestTest.java b/src/test/java/org/owasp/esapi/filters/SecurityWrapperRequestTest.java
