My Oracle Support Banner

Where is the file? (Doc ID 1630555.1)

Last updated on MAY 12, 2021

Applies to:

Oracle WebCenter Sites - Version and later
Information in this document applies to any platform.


According to

"The Sites server employs the Enterprise Security API to check for and prevent security vulnerabilities that may occur from injection of malicious web data. The validation can be customized to meet tighter control over the content of HTTP headers and incoming data. The validation expressions contained in the file can be modified; this file is included when you install the Sites server. This file resides in the Sites WEB-INF/classes folder.

Further information about ESAPI is available at the following link:"

1) According to the statement above, can be customized , but where is this file ? It is not in WEB-INF/Classes folder as the documentation says.
2) Is the product bringing two APIs for the same purpose , "antysami" and ESAPI ??


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.