Package org.opencms.jsp
Class CmsJspTagSecureParams
- java.lang.Object
-
- javax.servlet.jsp.tagext.TagSupport
-
- org.opencms.jsp.CmsJspTagSecureParams
-
- All Implemented Interfaces:
java.io.Serializable
,javax.servlet.jsp.tagext.IterationTag
,javax.servlet.jsp.tagext.JspTag
,javax.servlet.jsp.tagext.Tag
public class CmsJspTagSecureParams extends javax.servlet.jsp.tagext.TagSupport
This tag is used to enable parameter escaping for a single Flex Request.- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description CmsJspTagSecureParams()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description int
doStartTag()
static void
secureParamsTagAction(javax.servlet.ServletRequest request, java.lang.String allowXml, java.lang.String allowHtml, java.lang.String policy, java.lang.String replaceInvalid, java.lang.String escapeInvalid)
Static method which provides the actual functionality of this tag.void
setAllowHtml(java.lang.String allowHtml)
Sets the 'allowHtml' parameter.void
setAllowXml(java.lang.String allowXml)
Sets the 'allowXml' parameter.void
setEscapeInvalid(java.lang.String escapeInvalid)
Sets the parameters which should still be XML escaped, even if replaceInvalid is set.void
setPolicy(java.lang.String policy)
Sets the 'policy' parameter.void
setReplaceInvalid(java.lang.String replaceInvalid)
Sets the 'bad value', which, if set, is used as a replacement for values that would otherwise be XML-escaped.
-
-
-
Constructor Detail
-
CmsJspTagSecureParams
public CmsJspTagSecureParams()
-
-
Method Detail
-
secureParamsTagAction
public static void secureParamsTagAction(javax.servlet.ServletRequest request, java.lang.String allowXml, java.lang.String allowHtml, java.lang.String policy, java.lang.String replaceInvalid, java.lang.String escapeInvalid)
Static method which provides the actual functionality of this tag.- Parameters:
request
- the request for which the parameters should be escapedallowXml
- the comma-separated list of parameters for which XML characters will not be escapedallowHtml
- the comma-separated list of parameters for which HTML will be allowed, but be escapedpolicy
- the site path of an AntiSamy policy filereplaceInvalid
- if not null, replaces parameters that would otherwise beescapeInvalid
- a comma-separated list of the names of parameters which should still be escaped even if replaceInvalid is set
-
doStartTag
public int doStartTag()
- Specified by:
doStartTag
in interfacejavax.servlet.jsp.tagext.Tag
- Overrides:
doStartTag
in classjavax.servlet.jsp.tagext.TagSupport
- See Also:
Tag.doStartTag()
-
setAllowHtml
public void setAllowHtml(java.lang.String allowHtml)
Sets the 'allowHtml' parameter.- Parameters:
allowHtml
- the new 'allowHtml' parameter
-
setAllowXml
public void setAllowXml(java.lang.String allowXml)
Sets the 'allowXml' parameter.- Parameters:
allowXml
- the new 'allowXml' parameter
-
setEscapeInvalid
public void setEscapeInvalid(java.lang.String escapeInvalid)
Sets the parameters which should still be XML escaped, even if replaceInvalid is set.- Parameters:
escapeInvalid
- a comma-separated list of parameter names
-
setPolicy
public void setPolicy(java.lang.String policy)
Sets the 'policy' parameter.- Parameters:
policy
- the new 'policy' parameter
-
setReplaceInvalid
public void setReplaceInvalid(java.lang.String replaceInvalid)
Sets the 'bad value', which, if set, is used as a replacement for values that would otherwise be XML-escaped.- Parameters:
replaceInvalid
- the bad value
-
-