Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.day.cq.xss.taglib
Class ProtectBody

java.lang.Object
  extended by javax.servlet.jsp.tagext.TagSupport
      extended by javax.servlet.jsp.tagext.BodyTagSupport
          extended by com.day.cq.xss.taglib.ProtectBody
All Implemented Interfaces:
Serializable, javax.servlet.jsp.tagext.BodyTag, javax.servlet.jsp.tagext.IterationTag, javax.servlet.jsp.tagext.JspTag, javax.servlet.jsp.tagext.Tag
Direct Known Subclasses:
ProtectStringAsAttribute
public class ProtectBody
extends javax.servlet.jsp.tagext.BodyTagSupport

This class implements a tag that can be used to prevent its body content from containing any XSS stuff.

The policy to be used may be specified using the policy attribute.

See Also:
Serialized Form

Field Summary
protected  String policy
          Path to policy file to use; null, if the default policy has to be used
 
Fields inherited from class javax.servlet.jsp.tagext.BodyTagSupport
bodyContent
 
Fields inherited from class javax.servlet.jsp.tagext.TagSupport
id, pageContext
 
Fields inherited from interface javax.servlet.jsp.tagext.BodyTag
EVAL_BODY_BUFFERED, EVAL_BODY_TAG
 
Fields inherited from interface javax.servlet.jsp.tagext.IterationTag
EVAL_BODY_AGAIN
 
Fields inherited from interface javax.servlet.jsp.tagext.Tag
EVAL_BODY_INCLUDE, EVAL_PAGE, SKIP_BODY, SKIP_PAGE
 
Constructor Summary
ProtectBody()
           
 
Method Summary
 int doAfterBody()
          Executes the XSS removal.
 String getPolicy()
          Get the path to the policy to be used.
 void setPolicy(String policy)
          Set the path to the policy to be used.
 
Methods inherited from class javax.servlet.jsp.tagext.BodyTagSupport
doEndTag, doInitBody, doStartTag, getBodyContent, getPreviousOut, release, setBodyContent
 
Methods inherited from class javax.servlet.jsp.tagext.TagSupport
findAncestorWithClass, getId, getParent, getValue, getValues, removeValue, setId, setPageContext, setParent, setValue
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface javax.servlet.jsp.tagext.Tag
getParent, setPageContext, setParent
 

Field Detail

policy

protected String policy
Path to policy file to use; null, if the default policy has to be used

Constructor Detail

ProtectBody

public ProtectBody()
Method Detail

getPolicy

public String getPolicy()
Get the path to the policy to be used.

Returns:
Path to policy file to use; null, if the default policy has to be used

setPolicy

public void setPolicy(String policy)
Set the path to the policy to be used.

Parameters:
policy - Path to policy file to use; null, if the default policy has to be used

doAfterBody

public int doAfterBody()
                throws javax.servlet.jsp.JspException
Executes the XSS removal.

Specified by:
doAfterBody in interface javax.servlet.jsp.tagext.IterationTag
Overrides:
doAfterBody in class javax.servlet.jsp.tagext.BodyTagSupport
Throws:
javax.servlet.jsp.JspException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2009 Day Management AG. All Rights Reserved.