Encoders/decoders Enable the use of both OWASP ESAPI and Encoder. Compare them? Additional examples Various example cases putting untrusted content into Javascript/URL context... Additional features CSRF Headers No-Sniff header X-Frame-Options header ...