PathValidator (java-security-toolkit 1.0.7 API)

java.lang.Object
- io.github.pixee.security.jakarta.PathValidator

```
public final class PathValidator
extends Object
```
This type exposes helper methods that will help defend against Jakarta EE-specific attacks.

Constructor Summary

Constructors
Constructor Description

PathValidator()

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method	Description
`static String`	`validateDispatcherPath(String path)`	Validates the path argument to javax.servlet.http.HttpServletRequest#getRequestDispatcher(), which could be used to gain access to sensitive assets like configuration files, code files, etc.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - PathValidator
```
public PathValidator()
```
- Method Detail
  - validateDispatcherPath
```
public static String validateDispatcherPath(String path)
```
    Validates the path argument to javax.servlet.http.HttpServletRequest#getRequestDispatcher(), which could be used to gain access to sensitive assets like configuration files, code files, etc. This method only protects against assets that are common amongst all apps, and thus represent easier targets for attackers. If the attacker is using brute force or has insider knowledge, they could still possibly find their way into other sensitive assets.
    
    Parameters:
    
    path - an argument to HttpServletRequest#getRequestDispatcher() to validate
    
    Returns:
    
    the same String as was passed in
    
    Throws:
    
    SecurityException - if the path seems to be targeting sensitive Jakarta web application assets