XSSFilter
instead.@Deprecated
public interface XSSProtectionService
Modifier and Type | Method and Description |
---|---|
void |
invalidatePolicy(java.lang.String policyPath)
Deprecated.
|
java.lang.String |
protectForContext(ProtectionContext context,
java.lang.String src)
Deprecated.
Protected the given source string from containing XSS stuff, considering the
specified protection context.
|
java.lang.String |
protectForContext(ProtectionContext context,
java.lang.String src,
java.lang.String policyPath)
Deprecated.
Protected the given source string from containing XSS stuff, considering the
specified protection context.
|
java.lang.String |
protectFromXSS(java.lang.String src)
Deprecated.
Prevents the given source string from containing XSS stuff.
|
java.lang.String |
protectFromXSS(java.lang.String src,
java.lang.String policyPath)
Deprecated.
Protects the given source string from containing XSS stuff.
|
@Deprecated void invalidatePolicy(java.lang.String policyPath)
This is used to declare cached policies as invalid and enforce reloading when
protectFromXss()
is called the next time.
Invalidating policies manually is not necessary anymore, as changes get detetcted automatically since CQ 5.4.
policyPath
- policy path (as used for protectFromXSS()
) to
invalidatejava.lang.String protectFromXSS(java.lang.String src) throws XSSProtectionException
The default policy is used for checking.
src
- source stringXSSProtectionException
- if loading the default policy or scanning the source
string didn't succeed.java.lang.String protectFromXSS(java.lang.String src, java.lang.String policyPath) throws XSSProtectionException
The default policy is used for checking.
src
- source stringpolicyPath
- path to policy configuration node; the default configuration will
be taken if this parameter is set to null
XSSProtectionException
- if loading the given policy or scanning the source
string didn't succeed.java.lang.String protectForContext(ProtectionContext context, java.lang.String src, java.lang.String policyPath) throws XSSProtectionException
For more information about protection contexts, see ProtectionContext
and
http://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
context
- The protection contextsrc
- The string to protectpolicyPath
- The path to a configuration node that contains the policy to be
used (dependant on the protection context); null
to
use the default policy.String
XSSProtectionException
- if loading the policy or scanning the source does not
succeedjava.lang.String protectForContext(ProtectionContext context, java.lang.String src) throws XSSProtectionException
For more information about protection contexts, see ProtectionContext
and
http://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
context
- The protection contextsrc
- The string to protectString
XSSProtectionException
- if loading the policy or scanning the source does not
succeedCopyright © 2010 - 2020 Adobe. All Rights Reserved