|
||||||||||
PREV NEXT | FRAMES NO FRAMES |
Packages that use Codec | |
---|---|
org.owasp.esapi | The ESAPI interfaces and Exception classes model the most
important security functions to enterprise web applications. |
org.owasp.esapi.codecs | This package contains codecs for application layer encoding/escaping schemes that can be used for both canonicalization and output encoding. |
org.owasp.esapi.reference | This package contains reference implementations of the ESAPI interfaces. |
Uses of Codec in org.owasp.esapi |
---|
Methods in org.owasp.esapi with parameters of type Codec | |
---|---|
java.lang.String |
Encoder.encodeForOS(Codec codec,
java.lang.String input)
Encode for an operating system command shell according to the selected codec (appropriate codecs include the WindowsCodec and UnixCodec). |
java.lang.String |
Encoder.encodeForSQL(Codec codec,
java.lang.String input)
Encode input for use in a SQL query, according to the selected codec (appropriate codecs include the MySQLCodec and OracleCodec). |
ExecuteResult |
Executor.executeSystemCommand(java.io.File executable,
java.util.List params,
java.io.File workdir,
Codec codec,
boolean logParams,
boolean redirectErrorStream)
Executes a system command after checking that the executable exists and escaping all the parameters to ensure that injection is impossible. |
void |
PreparedString.set(int index,
java.lang.String value,
Codec codec)
Set the parameter at index with supplied value using the supplied Codec to escape. |
Constructors in org.owasp.esapi with parameters of type Codec | |
---|---|
PreparedString(java.lang.String template,
char parameterCharacter,
Codec codec)
Create a PreparedString with the supplied template, parameter placeholder character, and Codec. |
|
PreparedString(java.lang.String template,
Codec codec)
Create a PreparedString with the supplied template and Codec. |
Uses of Codec in org.owasp.esapi.codecs |
---|
Subclasses of Codec in org.owasp.esapi.codecs | |
---|---|
class |
CSSCodec
Implementation of the Codec interface for backslash encoding used in CSS. |
class |
HTMLEntityCodec
Implementation of the Codec interface for HTML entity encoding. |
class |
JavaScriptCodec
Implementation of the Codec interface for backslash encoding in JavaScript. |
class |
MySQLCodec
Implementation of the Codec interface for MySQL strings. |
class |
OracleCodec
Implementation of the Codec interface for Oracle strings. |
class |
PercentCodec
Implementation of the Codec interface for percent encoding (aka URL encoding). |
class |
UnixCodec
Implementation of the Codec interface for '\' encoding from Unix command shell. |
class |
VBScriptCodec
Implementation of the Codec interface for 'quote' encoding from VBScript. |
class |
WindowsCodec
Implementation of the Codec interface for '^' encoding from Windows command shell. |
class |
XMLEntityCodec
Implementation of the Codec interface for XML entity encoding. |
Uses of Codec in org.owasp.esapi.reference |
---|
Methods in org.owasp.esapi.reference with parameters of type Codec | |
---|---|
java.lang.String |
DefaultEncoder.encodeForOS(Codec codec,
java.lang.String input)
Encode for an operating system command shell according to the selected codec (appropriate codecs include the WindowsCodec and UnixCodec). |
java.lang.String |
DefaultEncoder.encodeForSQL(Codec codec,
java.lang.String input)
Encode input for use in a SQL query, according to the selected codec (appropriate codecs include the MySQLCodec and OracleCodec). |
ExecuteResult |
DefaultExecutor.executeSystemCommand(java.io.File executable,
java.util.List params,
java.io.File workdir,
Codec codec,
boolean logParams,
boolean redirectErrorStream)
Executes a system command after checking that the executable exists and escaping all the parameters to ensure that injection is impossible. The reference implementation sets the work directory, escapes the parameters as per the Codec in use, and then executes the command without using concatenation. |
|
||||||||||
PREV NEXT | FRAMES NO FRAMES |