Trying to run some ColdBox test suites today and I...
# luceeb
bdw429s
02/22/2022, 10:30 PMTrying to run some ColdBox test suites today and I'm getting this odd error
Encoder class (org.owasp.esapi.reference.DefaultEncoder) CTOR threw exception.bdw429s
02/22/2022, 10:30 PMbdw429s
02/22/2022, 10:31 PMThe root cause is
Copy code
java.lang.ClassNotFoundException: org.lucee.extension.esapi.log.LogFactoryImpl not found by org.lucee.esapi [69]bdw429s
02/22/2022, 10:32 PMAt first, I thought maybe I had accidentally gotten a newer version of the ESAPI lib with the new Log4j bits installed on 5.3.8. but my OWASP extension version is
2.2.0.1bdw429s
02/22/2022, 10:37 PMIt's worth mentioning, the line of CF code causing the error is just a boring old use of
encodeForHTML() Copy code
<strong>#encodeForHTML( local.thisSpec.message )#</strong>😮 1
l
leftbower
02/23/2022, 10:36 PMI started getting it too, with the same function. I had thought it was a result of installing the latest OWASP extension onto 5.3.8 because upgrading to the 5.3.9 RC, with latest OWASP made it go away.. Didn't look back after that...
b
bdw429s
02/23/2022, 10:37 PMyeah, same here. I had to use the 5.3.9 builds to keep working
bdw429s
02/23/2022, 10:38 PMI'm just worried this some new sort of dev bleeding into older Lucee versions and it may start causing people issues.
bdw429s
02/23/2022, 10:38 PM@zackster Can you give this a look please?
bdw429s
02/23/2022, 10:38 PMIf this is happening due to recent development on the ESAPI extension, I don't want it to start borking people's production 5.3.8 installations out there
z
zackster
02/23/2022, 10:39 PMFile a regression plz
b
bdw429s
02/23/2022, 10:40 PMWell, I wanted to ensure it actually was one first and not just a boneheaded thing I did
bdw429s
02/23/2022, 10:40 PMPlus, file it against what? I was using 5.3.8 when I got the error.
bdw429s
02/23/2022, 10:41 PMSo is it a bug in 5.3.8 or 5.3.9?
bdw429s
02/23/2022, 10:41 PMJust seemed like a bit more research was needed before I dove into the ticket tracker with it
z
zackster
02/23/2022, 11:43 PMFair enough! So an existing profile (lucee version and extensions) just started throwing errors?
b
bdw429s
02/24/2022, 12:05 AMYeah, forgetting the site in CommandBox and starting fresh was giving me this. Not necessarily on the first page hit, but once it started, it wouldn't go away
d
dswitzer
02/24/2022, 12:27 PMI wonder if this thread on the Lucee forums is related:
https://dev.lucee.org/t/error-with-esapi-functions-esapi-properties-could-not-be-loaded-by-any-means/5513
3 Views