Package io.github.pixee.security
Class Urls
- java.lang.Object
-
- io.github.pixee.security.Urls
-
public final class Urls extends Object
This type exposes utilities to help developers protect against server-side request forgery (SSRF) and any other possible attacks based on creating unvalidated URLs.https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html
-
-
Field Summary
Fields Modifier and Type Field Description static Set<UrlProtocol>HTTP_PROTOCOLSThis is a convenienceSetprovided for most people who probably only want to allow HTTP-based protocols.
-
Constructor Summary
Constructors Constructor Description Urls()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static URLcreate(String protocol, String host, int port, String file, URLStreamHandler handler, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator)Convenience method which delegates tocreate(URL, Set, HostValidator).static URLcreate(String protocol, String host, int port, String file, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator)Convenience method which delegates tocreate(URL, Set, HostValidator).static URLcreate(String protocol, String host, String file, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator)Convenience method which delegates tocreate(URL, Set, HostValidator).static URLcreate(String url, Set<UrlProtocol> allowedProtocols, HostValidator validator)static URLcreate(URL context, String spec, URLStreamHandler handler, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator)Convenience method which delegates tocreate(URL, Set, HostValidator).static URLcreate(URL context, String spec, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator)Convenience method which delegates tocreate(URL, Set, HostValidator).
-
-
-
Field Detail
-
HTTP_PROTOCOLS
public static Set<UrlProtocol> HTTP_PROTOCOLS
This is a convenienceSetprovided for most people who probably only want to allow HTTP-based protocols.
-
-
Method Detail
-
create
public static URL create(String url, Set<UrlProtocol> allowedProtocols, HostValidator validator) throws MalformedURLException
- Throws:
MalformedURLException
-
create
public static URL create(String protocol, String host, int port, String file, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator) throws MalformedURLException
Convenience method which delegates tocreate(URL, Set, HostValidator).- Throws:
MalformedURLException
-
create
public static URL create(String protocol, String host, int port, String file, URLStreamHandler handler, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator) throws MalformedURLException
Convenience method which delegates tocreate(URL, Set, HostValidator).- Throws:
MalformedURLException
-
create
public static URL create(URL context, String spec, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator) throws MalformedURLException
Convenience method which delegates tocreate(URL, Set, HostValidator).- Throws:
MalformedURLException
-
create
public static URL create(URL context, String spec, URLStreamHandler handler, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator) throws MalformedURLException
Convenience method which delegates tocreate(URL, Set, HostValidator).- Throws:
MalformedURLException
-
create
public static URL create(String protocol, String host, String file, Set<UrlProtocol> allowedProtocols, HostValidator hostValidator) throws MalformedURLException
Convenience method which delegates tocreate(URL, Set, HostValidator).- Throws:
MalformedURLException
-
-