Input validation: input validation frameworks

Some frameworks and validation objects help with the syntax part of input validation. Examples of input validation frameworks include the OWASP ESAPI Validation API, Struts, the Apache Commons Validator, the Hibernate Validator, Java EE Bean Validation, some uses of XML, and the occasional JSON library. When these objects or frameworks are available, you should make use of them.

Remember that using a framework or object does not solve all input validation issues. When you use a framework, you must still properly describe the tests it is to perform. Watch out for “It needs to ship yesterday. We’ll finish the input specifications later.” You must also ensure that you use the framework correctly. For example, CWE-101 is Struts Validation Problems, which has 10 sub-weaknesses. In other words, while using a framework helps, developers regularly get it wrong, and then the attackers win.

Frameworks and objects can often handle length and type. Sometimes they can handle syntax. They are rarely capable of checking business rules, so you remain responsible for business-rule validation.
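The split the three paragraphs above describe, shown as an added example that is not from the original post: Bean Validation annotations carry the length, type and syntax checks, and a separate method carries the business rule the framework cannot express. It assumes Jakarta Bean Validation with a provider such as Hibernate Validator on the classpath; the request fields, the `ownerOf` lookup and the account numbers are constructed for the example.

```java
import java.util.Set;
import java.util.function.Function;
import jakarta.validation.ConstraintViolation;
import jakarta.validation.Validation;
import jakarta.validation.Validator;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotNull;
import jakarta.validation.constraints.Pattern;
import jakarta.validation.constraints.Size;

// Constructed example: a funds-transfer request with hypothetical field names.
// The annotations state only the syntactic contract: presence, length, format, range.
public class TransferRequest {
    @NotNull @Size(min = 8, max = 8) @Pattern(regexp = "^[0-9]{8}$")  // exactly eight digits
    public final String fromAccount;
    @NotNull @Size(min = 8, max = 8) @Pattern(regexp = "^[0-9]{8}$")
    public final String toAccount;
    @NotNull @Min(1) @Max(1_000_000)                                 // whole cents, bounded
    public final Long amountCents;

    public TransferRequest(String from, String to, Long amount) {
        this.fromAccount = from; this.toAccount = to; this.amountCents = amount;
    }

    // Step 1: the framework checks what it can: type, length, syntax and range.
    public static Set<ConstraintViolation<TransferRequest>> syntaxErrors(TransferRequest r) {
        Validator v = Validation.buildDefaultValidatorFactory().getValidator();
        return v.validate(r);
    }

    // Step 2: business rules the framework knows nothing about. 'ownerOf' is a
    // hypothetical lookup from account number to the account holder's user id.
    public static boolean businessRulesHold(TransferRequest r, String callerId,
                                            Function<String, String> ownerOf) {
        if (r.fromAccount.equals(r.toAccount)) return false;              // no self-transfer
        if (!callerId.equals(ownerOf.apply(r.fromAccount))) return false; // caller must own source
        return true;
    }

    public static void main(String[] args) {
        TransferRequest r = new TransferRequest("12345678", "12345678", 5000L);
        if (!syntaxErrors(r).isEmpty()) { System.out.println("rejected: syntax"); return; }
        // Every annotation passes, yet the request violates a business rule.
        boolean ok = businessRulesHold(r, "alice", acct -> "alice");
        System.out.println(ok ? "accepted" : "rejected: business rule");
    }
}
```

Run with the validation API and provider jars on the classpath; the request passes step 1 and is rejected in step 2, which is exactly the check no framework annotation would have caught.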

Published by

Kenneth Ingham

Kenneth has been working with security since the early 1980s. He was a system administrator when the Morris Worm was released, and one of his work areas was helping secure the systems. Since then, Kenneth has studied network and computer security, and spent many, many hours looking at how software fails. With knowledge about failures, he can help you produce software that is less likely to suffer a security breach. Kenneth has a Ph.D. in Computer Science, and his research topic was computer security. Kenneth has helped developers create systems for financial services institutions, telecommunications companies, and embedded systems and process control.
