SecurityWrapperResponse.setHeader does not handle nulls

#### Describe the bug

Passing `null` to either the name or value parameters of `SecurityWrapperResponse.setHeader` will result in a `NullPointerException` (within `StringUtilities.stripControls`). This is almost always undesired behaviour, and contrary to the [latest Servlet specification](https://github.com/jakartaee/servlet/blob/main/api/src/main/java/jakarta/servlet/http/HttpServletResponse.java), which states how null values should behave (null header name is a no-op, null header value is a deletion).

#### Specify what ESAPI version(s) you are experiencing this bug in

2.7.0.0

#### To Reproduce

1. Create an application that wraps the request and response in `SecurityRequestWrapper`.
2. Attempt to delete a header using `setHeader("myHeader", null)`
3. `NullPointerException`

#### Expected behavior

Null values should be ignored by ESAPI and gracefully passed to regular code.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SecurityWrapperResponse.setHeader does not handle nulls #906

Describe the bug

Specify what ESAPI version(s) you are experiencing this bug in

To Reproduce

Expected behavior

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

SecurityWrapperResponse.setHeader does not handle nulls #906

Description

Describe the bug

Specify what ESAPI version(s) you are experiencing this bug in

To Reproduce

Expected behavior

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions