Package com.adobe.granite.xss

Interface XSSFilter

@Deprecated
public interface XSSFilter

Deprecated.

Use XSSFilter instead.

This service should be used to protect output against potential XSS attacks. The protection is context based.

Since:

1.0

Field Summary

Fields

Modifier and Type	Field	Description
static final ProtectionContext	DEFAULT_CONTEXT	Deprecated. Default context.

Method Summary

Modifier and Type	Method	Description
boolean	check(ProtectionContext context, String src)	Deprecated. Indicates whether or not a given source string contains XSS policy violations.
boolean	check(ProtectionContext context, String src, String policy)	Deprecated. Indicates whether or not a given source string contains XSS policy violations.
String	filter(ProtectionContext context, String src)	Deprecated. Protects the given source string from containing XSS stuff.
String	filter(ProtectionContext context, String src, String policy)	Deprecated. Protects the given source string from containing XSS stuff.
String	filter(String src)	Deprecated. Prevents the given source string from containing XSS stuff.

Field Details

DEFAULT_CONTEXT

static final ProtectionContext DEFAULT_CONTEXT

Deprecated.

Default context.

Method Details

check

boolean check(ProtectionContext context,
 String src)

Deprecated.

Indicates whether or not a given source string contains XSS policy violations.

Parameters:

context - context to use for checking

src - source string

Returns:

true if the source is violation-free

Throws:

NullPointerException - if context is null

check

boolean check(ProtectionContext context,
 String src,
 String policy)

Deprecated.

Indicates whether or not a given source string contains XSS policy violations.

Parameters:

context - context to use for checking

src - source string

policy - the name/path of the policy to use

Returns:

true if the source is violation-free

Throws:

NullPointerException - if context is null

filter

String filter(String src)

Deprecated.

Prevents the given source string from containing XSS stuff. The default protection context is used for checking.

Parameters:

src - source string

Returns:

string that does not contain XSS stuff

filter

String filter(ProtectionContext context,
 String src)

Deprecated.

Protects the given source string from containing XSS stuff.

Parameters:

context - context to use for checking

src - source string

Returns:

string that does not contain XSS stuff

Throws:

NullPointerException - if context is null

filter

String filter(ProtectionContext context,
 String src,
 String policy)

Deprecated.

Protects the given source string from containing XSS stuff. If the context is unknown or null the default context is used.

Parameters:

context - context to use for checking

src - source string

policy - the name/path of the policy to use

Returns:

string that does not contain XSS stuff

Throws:

NullPointerException - if context is null