public class Utils
extends java.lang.Object
Modifier and Type | Method | Description |
---|---|---|
static java.lang.String |
encodeXSS(java.lang.String text) |
This helper method can be used to help prevent Cross Site Scripting
vulnerabilities.
|
static java.lang.String |
getConfiguredAuthMethod(javax.servlet.http.HttpServletRequest request) |
Returns the auth-method as configured in web.xml for the webapp
|
static java.lang.String |
getConfiguredAuthMethod(javax.servlet.ServletContext servletContext) |
Returns the auth-method as configured in web.xml for the webapp
|
static boolean |
isSSLRequired(javax.servlet.http.HttpServletRequest request) |
Checks whether SSL is required for the current request as per the security-constraints
defined in the deployment descriptors.
|
static boolean |
isSSLRequired(javax.servlet.ServletContext servletContext,
java.lang.String relativeURI,
java.lang.String method) |
Checks whether SSL is required for the given URI and method as per the security-constraints
defined in the deployment descriptors.
|
public static java.lang.String encodeXSS(java.lang.String text)
text
- This is the dynamic text which is going to be sent as html (eg.
URL)public static java.lang.String getConfiguredAuthMethod(javax.servlet.ServletContext servletContext)
servletContext
- javax.servlet.ServletContextpublic static java.lang.String getConfiguredAuthMethod(javax.servlet.http.HttpServletRequest request)
request
- HttpServletRequestpublic static boolean isSSLRequired(javax.servlet.ServletContext servletContext, java.lang.String relativeURI, java.lang.String method)
servletContext
- javax.servlet.ServletContextrelativeURI
- : should not include the context pathmethod
- : GET/POST/PUT etc for which the check is desiredpublic static boolean isSSLRequired(javax.servlet.http.HttpServletRequest request)
request
-