Interface SaferSlingPostValidator
-
public interface SaferSlingPostValidator
Service to check Sling Post requests for unsafe constructs.
-
-
Field Summary
Fields Modifier and Type Field Description static boolean
ACCEPT
ACCEPT returned when a request may be accepted.static java.lang.String
POST_DEPTH_ATTRIBUTE
Attribute set on the request to indicate the depth under the target request which :applyTo should be allowed to reference.static boolean
REJECT
REJECT returned when a request should be rejected.
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description boolean
reject(SlingHttpServletRequest request, java.lang.String... whitelistPatterns)
Reject any unsafe post requests.
-
-
-
Field Detail
-
REJECT
static final boolean REJECT
REJECT returned when a request should be rejected.- See Also:
- Constant Field Values
-
ACCEPT
static final boolean ACCEPT
ACCEPT returned when a request may be accepted.- See Also:
- Constant Field Values
-
POST_DEPTH_ATTRIBUTE
static final java.lang.String POST_DEPTH_ATTRIBUTE
Attribute set on the request to indicate the depth under the target request which :applyTo should be allowed to reference.
-
-
Method Detail
-
reject
boolean reject(SlingHttpServletRequest request, java.lang.String... whitelistPatterns)
Reject any unsafe post requests.- Parameters:
request
- the request to checkwhitelistPatterns
- additional whitelist patterns- Returns:
- REJECT if the request should be rejected, otherwise return ACCEPT.
-
-