HDIV 2.1.8

Java web application security framework that will help you protect your web applications against attacks
HDIV (HTTP Data Integrity Validator) extends web applications’ behaviour by adding Security functionalities, maintaining the API and the framework specification.

This implies that we can use HDIV in applications developed in Struts 1.x, Struts 2.x, Spring MVC and JSTL in a transparent way to the programmer and without adding any complexity to the application development.

It is possible to use HDIV in applications that don’t use Spring MVC, Struts 1.x, Struts 2.x, or JSTL, but in this case it is necessary to modify the application (JSP pages).

Main features:

  • INTEGRITY: HDIV guarantees integrity (no data modification) of all the data generated by the server which should not be modified by the client (links, hidden fields, combo values, radio buttons, destiny pages, etc.). Thanks to this property HDIV helps to eliminate most of the vulnerabilities based on the parameter tampering.
  • EDITABLE DATA VALIDATION: HDIV eliminates to a large extent the risk originated by attacks of type Cross-site scripting (XSS) and SQL Injection using generic validations of the editable data (text and textarea).
  • CONFIDENTIALITY: HDIV guarantees the confidentiality of the non editable data as well. Usually lots of the data sent to the client has key information for the attackers such as database registry identifiers, column or table names, web directories, etc. All these values are hidden by HDIV to avoid a malicious use of them.
  • ANTI-CROSS SITE REQUEST FORGERY (CSRF) TOKEN: Random string called a token is placed in each form and link of the HTML response, ensuring that this value will be submitted with the next request. This random string provides protection because not only does the compromised site need to know the URL of the target site and a valid request format for the target site, it also must know the random string which changes for each visited page.

last updated on:
October 10th, 2014, 7:37 GMT
file size:
507 MB
developed by:
license type:
operating system(s):
Mac OS X
binary format:
Universal Binary
Home \ Security


In a hurry? Add it to your Download Basket!

user rating



What's New in This Release:
  • Fix multipart issue in Struts1 (https://github.com/hdiv/hdiv/issues/59).
  • Fix multipart issue in Spring MVC (https://github.com/hdiv/hdiv/issues/62).
  • Support Servlet3 standard multipart processing in Spring MVC.
read full changelog

Add your review!