public class Utils extends Object
Modifier and Type | Method and Description |
---|---|
static String |
encodeXSS(String text)
This helper method can be used to help prevent Cross Site Scripting
vulnerabilities.
|
static String |
getConfiguredAuthMethod(HttpServletRequest request)
Returns the auth-method as configured in web.xml for the webapp
|
static String |
getConfiguredAuthMethod(ServletContext servletContext)
Returns the auth-method as configured in web.xml for the webapp
|
static boolean |
isSSLRequired(HttpServletRequest request)
Checks whether SSL is required for the current request as per the security-constraints
defined in the deployment descriptors.
|
static boolean |
isSSLRequired(ServletContext servletContext,
String relativeURI,
String method)
Checks whether SSL is required for the given URI and method as per the security-constraints
defined in the deployment descriptors.
|
public static String encodeXSS(String text)
text
- This is the dynamic text which is going to be sent as html (eg.
URL)public static String getConfiguredAuthMethod(ServletContext servletContext)
servletContext
- javax.servlet.ServletContextpublic static String getConfiguredAuthMethod(HttpServletRequest request)
request
- HttpServletRequestpublic static boolean isSSLRequired(ServletContext servletContext, String relativeURI, String method)
servletContext
- javax.servlet.ServletContextrelativeURI
- : should not include the context pathmethod
- : GET/POST/PUT etc for which the check is desiredpublic static boolean isSSLRequired(HttpServletRequest request)
request
-