Package org.opencms.jsp
Class CmsJspTagSecureParams
java.lang.Object
javax.servlet.jsp.tagext.TagSupport
org.opencms.jsp.CmsJspTagSecureParams
- All Implemented Interfaces:
Serializable
,javax.servlet.jsp.tagext.IterationTag
,javax.servlet.jsp.tagext.JspTag
,javax.servlet.jsp.tagext.Tag
This tag is used to enable parameter escaping for a single Flex Request.
- See Also:
-
Field Summary
Fields inherited from class javax.servlet.jsp.tagext.TagSupport
id, pageContext
Fields inherited from interface javax.servlet.jsp.tagext.IterationTag
EVAL_BODY_AGAIN
Fields inherited from interface javax.servlet.jsp.tagext.Tag
EVAL_BODY_INCLUDE, EVAL_PAGE, SKIP_BODY, SKIP_PAGE
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionint
static void
secureParamsTagAction
(javax.servlet.ServletRequest request, String allowXml, String allowHtml, String policy, String replaceInvalid, String escapeInvalid) Static method which provides the actual functionality of this tag.void
setAllowHtml
(String allowHtml) Sets the 'allowHtml' parameter.void
setAllowXml
(String allowXml) Sets the 'allowXml' parameter.void
setEscapeInvalid
(String escapeInvalid) Sets the parameters which should still be XML escaped, even if replaceInvalid is set.void
Sets the 'policy' parameter.void
setReplaceInvalid
(String replaceInvalid) Sets the 'bad value', which, if set, is used as a replacement for values that would otherwise be XML-escaped.Methods inherited from class javax.servlet.jsp.tagext.TagSupport
doAfterBody, doEndTag, findAncestorWithClass, getId, getParent, getValue, getValues, release, removeValue, setId, setPageContext, setParent, setValue
-
Constructor Details
-
CmsJspTagSecureParams
public CmsJspTagSecureParams()
-
-
Method Details
-
secureParamsTagAction
public static void secureParamsTagAction(javax.servlet.ServletRequest request, String allowXml, String allowHtml, String policy, String replaceInvalid, String escapeInvalid) Static method which provides the actual functionality of this tag.- Parameters:
request
- the request for which the parameters should be escapedallowXml
- the comma-separated list of parameters for which XML characters will not be escapedallowHtml
- the comma-separated list of parameters for which HTML will be allowed, but be escapedpolicy
- the site path of an AntiSamy policy filereplaceInvalid
- if not null, replaces parameters that would otherwise beescapeInvalid
- a comma-separated list of the names of parameters which should still be escaped even if replaceInvalid is set
-
doStartTag
- Specified by:
doStartTag
in interfacejavax.servlet.jsp.tagext.Tag
- Overrides:
doStartTag
in classjavax.servlet.jsp.tagext.TagSupport
- See Also:
-
Tag.doStartTag()
-
setAllowHtml
Sets the 'allowHtml' parameter.- Parameters:
allowHtml
- the new 'allowHtml' parameter
-
setAllowXml
Sets the 'allowXml' parameter.- Parameters:
allowXml
- the new 'allowXml' parameter
-
setEscapeInvalid
Sets the parameters which should still be XML escaped, even if replaceInvalid is set.- Parameters:
escapeInvalid
- a comma-separated list of parameter names
-
setPolicy
Sets the 'policy' parameter.- Parameters:
policy
- the new 'policy' parameter
-
setReplaceInvalid
Sets the 'bad value', which, if set, is used as a replacement for values that would otherwise be XML-escaped.- Parameters:
replaceInvalid
- the bad value
-