Implementing data validation
Implementing data validation involves defining regular expressions, validation rules, abstract validation rules.
Note: When validating HTTP parameter names and values using regular expression validator, the input
string is canonicalized using ESAPI APIs. These APIs simplify the input string by performing every
possible type of decoding that might result in modification of the input string (for example, the
substring &or is translated to the logical 'OR' character
v). If any such
special strings are expected, the use of a Java validator is recommended because using a regular
expression validator would modify the string.