XSSFunctions (ACS AEM Commons Bundle 4.8.0 API)

java.lang.Object
- com.adobe.acs.commons.xss.XSSFunctions

@ProviderType
public final class XSSFunctions
extends Object

XSSAPI JSP Function wrappers.

Method Summary

All Methods Static Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`static CharSequence`	`encodeForHTML(org.apache.sling.xss.XSSAPI xssAPI, String source)` Encode a string for HTML.
`static CharSequence`	`encodeForHTML(com.adobe.granite.xss.XSSAPI xssAPI, String source)` Deprecated. replaced by `encodeForHTML(XSSAPI, String)` Encode a string for HTML.
`static CharSequence`	`encodeForHTMLAttr(org.apache.sling.xss.XSSAPI xssAPI, String source)` Encode a string for an HTML attribute.
`static CharSequence`	`encodeForHTMLAttr(com.adobe.granite.xss.XSSAPI xssAPI, String source)` Deprecated. replaced by `encodeForHTMLAttr(XSSAPI, String)` Encode a string for an HTML attribute.
`static CharSequence`	`encodeForJSString(org.apache.sling.xss.XSSAPI xssAPI, String source)` Encode a string for an JavaScript string.
`static CharSequence`	`encodeForJSString(com.adobe.granite.xss.XSSAPI xssAPI, String source)` Deprecated. replaced by `encodeForJSString(XSSAPI, String)` Encode a string for an JavaScript string.
`static CharSequence`	`filterHTML(org.apache.sling.xss.XSSAPI xssAPI, String source)` Filter a string for HTML.
`static CharSequence`	`filterHTML(com.adobe.granite.xss.XSSAPI xssAPI, String source)` Deprecated. replaced by `filterHTML(XSSAPI, String)` Filter a string for HTML.
`static String`	`getValidDimension(org.apache.sling.xss.XSSAPI xssAPI, String dimension, String defaultValue)` Validate a string which should contain a dimension, returning a default value if the source is empty, can't be parsed, or contains XSS risks.
`static String`	`getValidDimension(com.adobe.granite.xss.XSSAPI xssAPI, String dimension, String defaultValue)` Deprecated. replaced by `getValidDimension(XSSAPI, String, String)` Validate a string which should contain a dimension, returning a default value if the source is empty, can't be parsed, or contains XSS risks. Allows integer dimensions and the keyword "auto".
`static CharSequence`	`getValidHref(org.apache.sling.xss.XSSAPI xssAPI, String source)` Get a valid href.
`static CharSequence`	`getValidHref(com.adobe.granite.xss.XSSAPI xssAPI, String source)` Deprecated. replaced by `getValidHref(XSSAPI, String)` Get a valid href. This does not use the standard XSS API due to a bug impacting CQ 5.6.1 (and earlier). Internal bug reference: GRANITE-4193
`static Integer`	`getValidInteger(org.apache.sling.xss.XSSAPI xssAPI, String integer, int defaultValue)` Validate a string which should contain an integer, returning a default value if the source is empty, can't be parsed, or contains XSS risks.
`static Integer`	`getValidInteger(com.adobe.granite.xss.XSSAPI xssAPI, String integer, int defaultValue)` Deprecated. replaced by `getValidInteger(XSSAPI, String, int)` Validate a string which should contain an integer, returning a default value if the source is empty, can't be parsed, or contains XSS risks.
`static String`	`getValidJSToken(org.apache.sling.xss.XSSAPI xssAPI, String token, String defaultValue)` Validate a Javascript token.
`static String`	`getValidJSToken(com.adobe.granite.xss.XSSAPI xssAPI, String token, String defaultValue)` Deprecated. replaced by `getValidJSToken(XSSAPI, String, String)` Validate a Javascript token. The value must be either a single identifier, a literal number, or a literal string.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - encodeForHTML
```
public static CharSequence encodeForHTML(org.apache.sling.xss.XSSAPI xssAPI,
                                         String source)
```
    Encode a string for HTML.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - encodeForHTML
```
@Deprecated
public static CharSequence encodeForHTML(com.adobe.granite.xss.XSSAPI xssAPI,
                                                     String source)
```
    Deprecated. replaced by encodeForHTML(XSSAPI, String) Encode a string for HTML.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - encodeForHTMLAttr
```
public static CharSequence encodeForHTMLAttr(org.apache.sling.xss.XSSAPI xssAPI,
                                             String source)
```
    Encode a string for an HTML attribute.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - encodeForHTMLAttr
```
@Deprecated
public static CharSequence encodeForHTMLAttr(com.adobe.granite.xss.XSSAPI xssAPI,
                                                         String source)
```
    Deprecated. replaced by encodeForHTMLAttr(XSSAPI, String) Encode a string for an HTML attribute.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - encodeForJSString
```
public static CharSequence encodeForJSString(org.apache.sling.xss.XSSAPI xssAPI,
                                             String source)
```
    Encode a string for an JavaScript string.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - encodeForJSString
```
@Deprecated
public static CharSequence encodeForJSString(com.adobe.granite.xss.XSSAPI xssAPI,
                                                         String source)
```
    Deprecated. replaced by encodeForJSString(XSSAPI, String) Encode a string for an JavaScript string.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - filterHTML
```
public static CharSequence filterHTML(org.apache.sling.xss.XSSAPI xssAPI,
                                      String source)
```
    Filter a string for HTML.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - filterHTML
```
@Deprecated
public static CharSequence filterHTML(com.adobe.granite.xss.XSSAPI xssAPI,
                                                  String source)
```
    Deprecated. replaced by filterHTML(XSSAPI, String) Filter a string for HTML.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - getValidHref
```
public static CharSequence getValidHref(org.apache.sling.xss.XSSAPI xssAPI,
                                        String source)
```
    Get a valid href. This does not use the standard XSS API due to a bug impacting CQ 5.6.1 (and earlier). Internal bug reference: GRANITE-4193
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - getValidHref
```
@Deprecated
public static CharSequence getValidHref(com.adobe.granite.xss.XSSAPI xssAPI,
                                                    String source)
```
    Deprecated. replaced by getValidHref(XSSAPI, String) Get a valid href. This does not use the standard XSS API due to a bug impacting CQ 5.6.1 (and earlier). Internal bug reference: GRANITE-4193
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    source - the source string
    
    Returns:
    
    the encoded string
  - getValidDimension
```
public static String getValidDimension(org.apache.sling.xss.XSSAPI xssAPI,
                                       String dimension,
                                       String defaultValue)
```
    Validate a string which should contain a dimension, returning a default value if the source is empty, can't be parsed, or contains XSS risks. Allows integer dimensions and the keyword "auto".
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    dimension - the source dimension
    
    defaultValue - a default value if the source can't be used
    
    Returns:
    
    a sanitized dimension
  - getValidDimension
```
@Deprecated
public static String getValidDimension(com.adobe.granite.xss.XSSAPI xssAPI,
                                                   String dimension,
                                                   String defaultValue)
```
    Deprecated. replaced by getValidDimension(XSSAPI, String, String) Validate a string which should contain a dimension, returning a default value if the source is empty, can't be parsed, or contains XSS risks. Allows integer dimensions and the keyword "auto".
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    dimension - the source dimension
    
    defaultValue - a default value if the source can't be used
    
    Returns:
    
    a sanitized dimension
  - getValidInteger
```
public static Integer getValidInteger(org.apache.sling.xss.XSSAPI xssAPI,
                                      String integer,
                                      int defaultValue)
```
    Validate a string which should contain an integer, returning a default value if the source is empty, can't be parsed, or contains XSS risks.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    integer - the source integer
    
    defaultValue - a default value if the source can't be used
    
    Returns:
    
    a sanitized integer
  - getValidInteger
```
@Deprecated
public static Integer getValidInteger(com.adobe.granite.xss.XSSAPI xssAPI,
                                                  String integer,
                                                  int defaultValue)
```
    Deprecated. replaced by getValidInteger(XSSAPI, String, int) Validate a string which should contain an integer, returning a default value if the source is empty, can't be parsed, or contains XSS risks.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    integer - the source integer
    
    defaultValue - a default value if the source can't be used
    
    Returns:
    
    a sanitized integer
  - getValidJSToken
```
public static String getValidJSToken(org.apache.sling.xss.XSSAPI xssAPI,
                                     String token,
                                     String defaultValue)
```
    Validate a Javascript token. The value must be either a single identifier, a literal number, or a literal string.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    token - the source token
    
    defaultValue - a default value to use if the source doesn't meet validity constraints.
    
    Returns:
    
    a string containing a single identifier, a literal number, or a literal string token
  - getValidJSToken
```
@Deprecated
public static String getValidJSToken(com.adobe.granite.xss.XSSAPI xssAPI,
                                                 String token,
                                                 String defaultValue)
```
    Deprecated. replaced by getValidJSToken(XSSAPI, String, String) Validate a Javascript token. The value must be either a single identifier, a literal number, or a literal string.
    
    Parameters:
    
    xssAPI - the XSSAPI
    
    token - the source token
    
    defaultValue - a default value to use if the source doesn't meet validity constraints.
    
    Returns:
    
    a string containing a single identifier, a literal number, or a literal string token

Class XSSFunctions

Method Summary

Methods inherited from class java.lang.Object

Method Detail

encodeForHTML

encodeForHTML

encodeForHTMLAttr

encodeForHTMLAttr

encodeForJSString

encodeForJSString

filterHTML

filterHTML

getValidHref

getValidHref

getValidDimension

getValidDimension

getValidInteger

getValidInteger

getValidJSToken

getValidJSToken