public class Utils
extends java.lang.Object
| Modifier and Type | Method | Description | 
|---|---|---|
| static java.lang.String | encodeXSS(java.lang.String text) | This helper method can be used to help prevent Cross Site Scripting
 vulnerabilities. | 
| static java.lang.String | getConfiguredAuthMethod(javax.servlet.http.HttpServletRequest request) | Returns the auth-method as configured in web.xml for the webapp | 
| static java.lang.String | getConfiguredAuthMethod(javax.servlet.ServletContext servletContext) | Returns the auth-method as configured in web.xml for the webapp | 
| static boolean | isSSLRequired(javax.servlet.http.HttpServletRequest request) | Checks whether SSL is required for the current request as per the security-constraints
 defined in the deployment descriptors. | 
| static boolean | isSSLRequired(javax.servlet.ServletContext servletContext,
             java.lang.String relativeURI,
             java.lang.String method) | Checks whether SSL is required for the given URI and method as per the security-constraints
 defined in the deployment descriptors. | 
public static java.lang.String encodeXSS(java.lang.String text)
A full description of Cross Site Scripting (XSS) vulnerabilities can be found at http://www.cert.org/tech_tips/malicious_code_mitigation.html.
text - This is the dynamic text which is going to be sent as html (eg.
 URL)public static java.lang.String getConfiguredAuthMethod(javax.servlet.ServletContext servletContext)
servletContext - javax.servlet.ServletContextpublic static java.lang.String getConfiguredAuthMethod(javax.servlet.http.HttpServletRequest request)
request - HttpServletRequestpublic static boolean isSSLRequired(javax.servlet.ServletContext servletContext,
                                    java.lang.String relativeURI,
                                    java.lang.String method)
servletContext - javax.servlet.ServletContextrelativeURI - : should not include the context pathmethod - : GET/POST/PUT etc for which the check is desiredpublic static boolean isSSLRequired(javax.servlet.http.HttpServletRequest request)
request -