alwaysAddDefaults

Controls whether the ParameterValidator component adds sets of default string values to the illegalTagNames and illegalAttributeNames properties.

Set the value of the property to true to include the default values. Set it to false to omit the default values.

See Default Values for illegalTagNames and Default Values for illegalAttributeNames.

illegalTagNames

A list of HTML elements that are disallowed in URL query parameters.

See Default Values for illegalTagNames.

onlyDisallowIllegalTagNames

Controls whether strings that appear to be HTML elements are allowed in URL query parameters.

Set the value of this property to true to allow strings that appear to be HTML elements as long as they are not included in the illegalTagNames property.

Set the value of this property to false to disallow any string that appears to be an HTML element.

illegalAttributeNames

A list of HTML attributes that are disallowed in URL query parameters.

See Default Values for illegalAttributeNames.

onlyDisallowIllegalAttributeNames

Controls whether strings that appear to be HTML attributes will be allowed in URL query parameters.

Set the value of this property to true to allow strings that appear to be HTML attributes as long as they are not included in the illegalAttributeNames property.

Set the value of this property to false to disallow any string that appears to be an HTML attribute.

illegalStrings

A list of specific strings that are disallowed in URL query parameters.

illegalRegexes

A list of Java regular expressions that describe strings that are disallowed in URL query parameters.

overridingValidators

A list of custom components that function as URL query validators for specific conditions.

Set the value of this property to a comma separated list of the nucleus paths for each of the custom query validator components. For example:

overridingValidators=/mycompany/validators/
MyValidator,/mycompany/validators/
MyOtherValidator

See Creating an Overriding Parameter Validator.