org.apache.jetspeed.engine.servlet
Class XXSUrlAttackFilter
java.lang.Object
org.apache.jetspeed.engine.servlet.XXSUrlAttackFilter
- All Implemented Interfaces:
- javax.servlet.Filter
public class XXSUrlAttackFilter
- extends Object
- implements javax.servlet.Filter
Simple XXS Url attack protection blocking access whenever the request url contains a < or > character.
- Version:
- $Id: XXSUrlAttackFilter.java 516448 2007-03-09 16:25:47Z ate $
Method Summary |
void |
destroy()
|
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
|
void |
init(javax.servlet.FilterConfig config)
|
private boolean |
isInvalid(String value)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
XXSUrlAttackFilter
public XXSUrlAttackFilter()
init
public void init(javax.servlet.FilterConfig config)
throws javax.servlet.ServletException
- Specified by:
init
in interface javax.servlet.Filter
- Throws:
javax.servlet.ServletException
doFilter
public void doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
throws IOException,
javax.servlet.ServletException
- Specified by:
doFilter
in interface javax.servlet.Filter
- Throws:
IOException
javax.servlet.ServletException
isInvalid
private boolean isInvalid(String value)
destroy
public void destroy()
- Specified by:
destroy
in interface javax.servlet.Filter
Copyright © 1999-2007 Apache Software Foundation. All Rights Reserved.