Package org.glassfish.common.util

Class InputValidationUtil

java.lang.Object

org.glassfish.common.util.InputValidationUtil

public class InputValidationUtil
extends Object

Field Summary

Fields

Modifier and Type	Field	Description
static String	CR_ENCODED_STRING_LOWER
static String	CR_ENCODED_STRING_UPPER
static String	CRLF_ENCODED_STRING_LOWER
static String	CRLF_ENCODED_STRING_UPPER
static String	CRLF_STRING

Constructor Summary

Constructors

Constructor	Description
InputValidationUtil()

Method Summary

Modifier and Type	Method	Description
static String	getSafeCookieHeaderValue(String headerValue)	Return Cookie Http Header Value after suitable validation
static String	getSafeHeaderName(String headerName)	Return Http Header Name after suitable validation
static String	getSafeHeaderValue(String headerValue)	Return Http Header Value after suitable validation
static String	removeLinearWhiteSpaces(String input)	Remove unwanted white spaces in the URL.
static boolean	validateStringforCRLF(String input)	Validate the String for Header Injection Attack.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CRLF_ENCODED_STRING_LOWER

public static final String CRLF_ENCODED_STRING_LOWER

See Also:

Constant Field Values

CRLF_ENCODED_STRING_UPPER

public static final String CRLF_ENCODED_STRING_UPPER

See Also:

Constant Field Values

CR_ENCODED_STRING_LOWER

public static final String CR_ENCODED_STRING_LOWER

See Also:

Constant Field Values

CR_ENCODED_STRING_UPPER

public static final String CR_ENCODED_STRING_UPPER

See Also:

Constant Field Values

CRLF_STRING

public static final String CRLF_STRING

See Also:

Constant Field Values

Constructor Detail

InputValidationUtil

public InputValidationUtil()

Method Detail

validateStringforCRLF

public static boolean validateStringforCRLF(String input)

Validate the String for Header Injection Attack.

Parameters:

input - String to be validate

Returns:

boolean

removeLinearWhiteSpaces

public static String removeLinearWhiteSpaces(String input)

Remove unwanted white spaces in the URL.

Parameters:

input - String to be stripped with whitespaces

Returns:

String

getSafeHeaderName

public static String getSafeHeaderName(String headerName)
                                throws Exception

Return Http Header Name after suitable validation

Parameters:

headerName - Header Name which should be validated before being set

Returns:

String Header Name sanitized for CRLF attack

Throws:

Exception

getSafeHeaderValue

public static String getSafeHeaderValue(String headerValue)
                                 throws Exception

Return Http Header Value after suitable validation

Parameters:

headerValue - Header Value which should be validated before being set

Returns:

String Header Value sanitized for CRLF attack

Throws:

Exception

getSafeCookieHeaderValue

public static String getSafeCookieHeaderValue(String headerValue)
                                       throws Exception

Return Cookie Http Header Value after suitable validation

Parameters:

headerValue - Header Value which should be validated before being set

Returns:

String Header Value sanitized for CRLF attack

Throws:

Exception