@ProviderType
public interface XSSFilter
Modifier and Type | Field and Description |
---|---|
static ProtectionContext |
DEFAULT_CONTEXT
Default context.
|
Modifier and Type | Method and Description |
---|---|
boolean |
check(ProtectionContext context,
String src)
Indicates whether or not a given source string contains XSS policy violations.
|
String |
filter(ProtectionContext context,
String src)
Protects the given source string from containing XSS stuff.
|
String |
filter(String src)
Prevents the given source string from containing XSS stuff.
|
boolean |
isValidHref(String url)
Checks if the given URL is valid to be used for the
href attribute in a a tag. |
static final ProtectionContext DEFAULT_CONTEXT
boolean check(ProtectionContext context, String src)
context
- context to use for checkingsrc
- source stringNullPointerException
- if context is null
String filter(String src)
The default protection context is used for checking.
src
- source stringString filter(ProtectionContext context, String src)
context
- context to use for checkingsrc
- source stringNullPointerException
- if context is null
boolean isValidHref(String url)
href
attribute in a a
tag.
The default protection context is used for checking.
url
- the URL that should be validatedCopyright © 2017 The Apache Software Foundation. All rights reserved.