Package com.adobe.granite.xss
Interface XSSFilter
-
@Deprecated public interface XSSFilter
Deprecated.UseXSSFilter
instead.This service should be used to protect output against potential XSS attacks. The protection is context based.- Since:
- 1.0
-
-
Field Summary
Fields Modifier and Type Field Description static ProtectionContext
DEFAULT_CONTEXT
Deprecated.Default context.
-
Method Summary
All Methods Instance Methods Abstract Methods Deprecated Methods Modifier and Type Method Description boolean
check(ProtectionContext context, String src)
Deprecated.Indicates whether or not a given source string contains XSS policy violations.boolean
check(ProtectionContext context, String src, String policy)
Deprecated.Indicates whether or not a given source string contains XSS policy violations.String
filter(ProtectionContext context, String src)
Deprecated.Protects the given source string from containing XSS stuff.String
filter(ProtectionContext context, String src, String policy)
Deprecated.Protects the given source string from containing XSS stuff.String
filter(String src)
Deprecated.Prevents the given source string from containing XSS stuff.
-
-
-
Field Detail
-
DEFAULT_CONTEXT
static final ProtectionContext DEFAULT_CONTEXT
Deprecated.Default context.
-
-
Method Detail
-
check
boolean check(ProtectionContext context, String src)
Deprecated.Indicates whether or not a given source string contains XSS policy violations.- Parameters:
context
- context to use for checkingsrc
- source string- Returns:
- true if the source is violation-free
- Throws:
NullPointerException
- if context isnull
-
check
boolean check(ProtectionContext context, String src, String policy)
Deprecated.Indicates whether or not a given source string contains XSS policy violations.- Parameters:
context
- context to use for checkingsrc
- source stringpolicy
- the name/path of the policy to use- Returns:
- true if the source is violation-free
- Throws:
NullPointerException
- if context isnull
-
filter
String filter(String src)
Deprecated.Prevents the given source string from containing XSS stuff. The default protection context is used for checking.- Parameters:
src
- source string- Returns:
- string that does not contain XSS stuff
-
filter
String filter(ProtectionContext context, String src)
Deprecated.Protects the given source string from containing XSS stuff.- Parameters:
context
- context to use for checkingsrc
- source string- Returns:
- string that does not contain XSS stuff
- Throws:
NullPointerException
- if context isnull
-
filter
String filter(ProtectionContext context, String src, String policy)
Deprecated.Protects the given source string from containing XSS stuff. If the context is unknown ornull
the default context is used.- Parameters:
context
- context to use for checkingsrc
- source stringpolicy
- the name/path of the policy to use- Returns:
- string that does not contain XSS stuff
- Throws:
NullPointerException
- if context isnull
-
-