From a987ca7cdc82e6a62114407b38600e49ef5a727f Mon Sep 17 00:00:00 2001
From: "mayhew64@gmail.com"
 <mayhew64@gmail.com@4033779f-a91e-0410-96ef-6bf7bf53c507>
Date: Wed, 25 Apr 2012 18:29:31 +0000
Subject: [PATCH] added _ to the allowed characterset.  Allows for usernames
 with an _ in them

git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@463 4033779f-a91e-0410-96ef-6bf7bf53c507
---
 src/main/java/org/owasp/webgoat/session/ParameterParser.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/org/owasp/webgoat/session/ParameterParser.java b/src/main/java/org/owasp/webgoat/session/ParameterParser.java
index ba0e19ae7..6d64f1024 100644
--- a/src/main/java/org/owasp/webgoat/session/ParameterParser.java
+++ b/src/main/java/org/owasp/webgoat/session/ParameterParser.java
@@ -41,7 +41,7 @@ import org.owasp.webgoat.util.HtmlEncoder;
 public class ParameterParser
 {
 
-	private final static String ALLOWED_CHARACTERS = "$()-?.@!,:;=//+"; // Don't
+	private final static String ALLOWED_CHARACTERS = "_$()-?.@!,:;=//+"; // Don't
 	// allow
 	// #&
 	// specifically