hanged the tongue-in-cheek property names to the actual ones we are using.

Author: kwwall

src/test/resources/esapi/ESAPI.properties

@@ -593,9 +593,10 @@ Validator.HtmlValidationAction=throw
 #   org.owasp.esapi.reference.DefaultEncoder.encodeForSQL
 #   org.owasp.esapi.ESAPI.accessController  [FUTURE]
 #
-# The format is a comma-separated list of fully,Qualified.ClassNames.methodName
+# The format is a comma-separated list of fully.Qualified.ClassName.methodName;
+# all class names must begin with "org.owasp.esapi.".
 #
-#   Note to ESAPI Devs: There is presently no way to specific which specific
+#   Note to ESAPI Devs: There is presently NO WAY to specific which specific
 #                       method to indicate here when the method name alone,
 #                       absent from its signature, is ambiguous, so it is
 #                       best to avoid those if at all possible!
@@ -605,7 +606,9 @@ Validator.HtmlValidationAction=throw
 #                       which has 4 interfaces so currently, there's no way to
 #                       specify a specific one.
 #       
-ESAPI.enableLegCannonModeAndGetMyAssFired.methodNames=org.owasp.esapi.reference.DefaultEncoder.encodeForSQL
+#       We need this there for our existing JUnit tests for encodeForSQL. Use an
+#       alternate ESAPI property config filen name for testing this aspect out.
+ESAPI.dangerouslyAllowUnsafeMethods.methodNames=org.owasp.esapi.reference.DefaultEncoder.encodeForSQL
 
 # Normally you would put some text here (that will be logged) that provides some
 # justification as to why you have enabled these functions. This can be