Interface SaferSlingPostValidator


  • public interface SaferSlingPostValidator
    Service to check Sling Post requests for unsafe constructs.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static boolean ACCEPT
      ACCEPT returned when a request may be accepted.
      static String POST_DEPTH_ATTRIBUTE
      Attribute set on the request to indicate the depth under the target request which :applyTo should be allowed to reference.
      static boolean REJECT
      REJECT returned when a request should be rejected.
    • Field Detail

      • REJECT

        static final boolean REJECT
        REJECT returned when a request should be rejected.
        See Also:
        Constant Field Values
      • ACCEPT

        static final boolean ACCEPT
        ACCEPT returned when a request may be accepted.
        See Also:
        Constant Field Values
      • POST_DEPTH_ATTRIBUTE

        static final String POST_DEPTH_ATTRIBUTE
        Attribute set on the request to indicate the depth under the target request which :applyTo should be allowed to reference.
    • Method Detail

      • reject

        boolean reject​(SlingHttpServletRequest request,
                       String... whitelistPatterns)
        Reject any unsafe post requests.
        Parameters:
        request - the request to check
        whitelistPatterns - additional whitelist patterns
        Returns:
        REJECT if the request should be rejected, otherwise return ACCEPT.