HtmlSanitizer (Common - Utils 12.0.0-1309 API)

java.lang.Object

com.sdl.delivery.security.html.HtmlSanitizer

public class HtmlSanitizer extends Object

Method Summary

Modifier and Type

Method

Description

static String

sanitizeHttpHeader(String text)

To prevent attacker mocking http headers they need to not have any html entities as well as CRLF chars.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details
- sanitizeHttpHeader
  
  public static String sanitizeHttpHeader(String text)
  
  To prevent attacker mocking http headers they need to not have any html entities as well as CRLF chars.
  
  Parameters:
  
  text - to put into http header name/value
  
  Returns:
  
  secured text to be placed into http header