org.broadleafcommerce.common.security.service
Interface ExploitProtectionService
- All Known Implementing Classes:
- ExploitProtectionServiceImpl
public interface ExploitProtectionService
- Author:
- jfischer
cleanString
String cleanString(String string)
throws ServiceException
- Detect and remove possible XSS threats from the passed in string. This includes <script> tags, and the like.
- Parameters:
string - The possibly dirty string
- Returns:
- The cleansed version of the string
- Throws:
ServiceException
getAntiSamyPolicyFileLocation
String getAntiSamyPolicyFileLocation()
setAntiSamyPolicyFileLocation
void setAntiSamyPolicyFileLocation(String antiSamyPolicyFileLocation)
compareToken
void compareToken(String passedToken)
throws ServiceException
- Detect possible XSRF (CSRF) attacks by comparing the CSRF token included
in the request against the true token for this user from the session. If they
differ, a ServiceException is thrown.
- Parameters:
passedToken - The csrf token that was passed in the request
- Throws:
ServiceException
getCSRFToken
String getCSRFToken()
throws ServiceException
- Throws:
ServiceException
getCsrfTokenParameter
String getCsrfTokenParameter()
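The comparison that compareToken describes, together with a session-bound token of the kind getCSRFToken returns, as an added example that is not Broadleaf's own code. A plain Map stands in for the session, and the class, method, exception and key names, as well as the create-once-per-session behaviour, are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

// Added illustration, not Broadleaf's ExploitProtectionServiceImpl. The Map stands in
// for the user's HTTP session; every name in this class is hypothetical.
public class CsrfTokenCheckExample {
    static final String SESSION_KEY = "csrfToken";
    private static final SecureRandom RANDOM = new SecureRandom();

    // Stand-in for ServiceException.
    static class TokenException extends Exception { TokenException(String m) { super(m); } }

    // Counterpart of getCSRFToken(). Assumption: created once per session, then reused.
    static String getCsrfToken(Map<String, Object> session) {
        return (String) session.computeIfAbsent(SESSION_KEY, k -> {
            byte[] raw = new byte[32]; // 256 bits from a CSPRNG
            RANDOM.nextBytes(raw);
            return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        });
    }

    // Counterpart of compareToken(): throw unless the request token equals the session token.
    static void compareToken(Map<String, Object> session, String passedToken)
            throws TokenException {
        String expected = (String) session.get(SESSION_KEY);
        if (expected == null || passedToken == null) { // missing is a failure, never a match
            throw new TokenException("CSRF token missing");
        }
        // MessageDigest.isEqual does not stop at the first differing byte, so response
        // timing does not reveal how much of a guessed token was correct.
        if (!MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                                   passedToken.getBytes(StandardCharsets.UTF_8))) {
            throw new TokenException("CSRF token mismatch");
        }
    }

    public static void main(String[] args) throws Exception {
        Map<String, Object> session = new HashMap<>(); // constructed sample session
        compareToken(session, getCsrfToken(session));  // matching token passes silently
        try {
            compareToken(session, "forged-value");     // constructed bad input
        } catch (TokenException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```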
Copyright © 2013. All Rights Reserved.