Package org.glassfish.common.util
Class InputValidationUtil
java.lang.Object
org.glassfish.common.util.InputValidationUtil
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic StringgetSafeCookieHeaderValue(String headerValue) Return Cookie Http Header Value after suitable validationstatic StringgetSafeHeaderName(String headerName) Return Http Header Name after suitable validationstatic StringgetSafeHeaderValue(String headerValue) Return Http Header Value after suitable validationstatic StringremoveLinearWhiteSpaces(String input) Remove unwanted white spaces in the URL.static booleanvalidateStringforCRLF(String input) Validate the String for Header Injection Attack.
-
Field Details
-
CRLF_ENCODED_STRING_LOWER
- See Also:
-
CRLF_ENCODED_STRING_UPPER
- See Also:
-
CR_ENCODED_STRING_LOWER
- See Also:
-
CR_ENCODED_STRING_UPPER
- See Also:
-
CRLF_STRING
- See Also:
-
-
Constructor Details
-
InputValidationUtil
public InputValidationUtil()
-
-
Method Details
-
validateStringforCRLF
Validate the String for Header Injection Attack.- Parameters:
input- String to be validate- Returns:
- boolean
-
removeLinearWhiteSpaces
Remove unwanted white spaces in the URL.- Parameters:
input- String to be stripped with whitespaces- Returns:
- String
-
getSafeHeaderName
Return Http Header Name after suitable validation- Parameters:
headerName- Header Name which should be validated before being set- Returns:
- String Header Name sanitized for CRLF attack
- Throws:
Exception
-
getSafeHeaderValue
Return Http Header Value after suitable validation- Parameters:
headerValue- Header Value which should be validated before being set- Returns:
- String Header Value sanitized for CRLF attack
- Throws:
Exception
-
getSafeCookieHeaderValue
Return Cookie Http Header Value after suitable validation- Parameters:
headerValue- Header Value which should be validated before being set- Returns:
- String Header Value sanitized for CRLF attack
- Throws:
Exception
-