com.h3xstream.findsecbugs.xss
Class XSSRequestWrapperDetector
java.lang.Object
com.h3xstream.findsecbugs.xss.XSSRequestWrapperDetector
- All Implemented Interfaces:
- edu.umd.cs.findbugs.Detector, edu.umd.cs.findbugs.Priorities
public class XSSRequestWrapperDetector
- extends Object
- implements edu.umd.cs.findbugs.Detector
Various flavor of XSSRequestWrapper exist to do some debatable prevention. It can be considered as a Web Application
Firewall.
Some implementations to detect:
http://java.dzone.com/articles/stronger-anti-cross-site
http://www.javacodegeeks.com/2012/07/anti-cross-site-scripting-xss-filter.html
http://ricardozuasti.com/2012/stronger-anti-cross-site-scripting-xss-filter-for-java-web-apps/
| Fields inherited from interface edu.umd.cs.findbugs.Priorities |
EXP_PRIORITY, HIGH_PRIORITY, IGNORE_PRIORITY, LOW_PRIORITY, NORMAL_PRIORITY |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
XSSRequestWrapperDetector
public XSSRequestWrapperDetector(edu.umd.cs.findbugs.BugReporter bugReporter)
visitClassContext
public void visitClassContext(edu.umd.cs.findbugs.ba.ClassContext classContext)
- Specified by:
visitClassContext in interface edu.umd.cs.findbugs.Detector
report
public void report()
- Specified by:
report in interface edu.umd.cs.findbugs.Detector
Copyright © 2015. All rights reserved.