当前位置: 首页>>代码示例>>Java>>正文


Java Encoder类代码示例

本文整理汇总了Java中org.owasp.esapi.Encoder的典型用法代码示例。如果您正苦于以下问题:Java Encoder类的具体用法?Java Encoder怎么用?Java Encoder使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


Encoder类属于org.owasp.esapi包,在下文中一共展示了Encoder类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: encode

import org.owasp.esapi.Encoder; //导入依赖的package包/类
public static String encode(String item, short encFor) throws PageException  {
	
	PrintStream out = System.out;
	try {
		 System.setOut(new PrintStream(DevNullOutputStream.DEV_NULL_OUTPUT_STREAM));
		 Encoder encoder = ESAPI.encoder();
		 switch(encFor){
		 //case ENC_CSS:return encoder.encodeForBase64(item);
		 case ENC_CSS:return encoder.encodeForCSS(item);
		 case ENC_DN:return encoder.encodeForDN(item);
		 case ENC_HTML:return encoder.encodeForHTML(item);
		 case ENC_HTML_ATTR:return encoder.encodeForHTMLAttribute(item);
		 case ENC_JAVA_SCRIPT:return encoder.encodeForJavaScript(item);
		 case ENC_LDAP:return encoder.encodeForLDAP(item);
		 //case ENC_CSS:return encoder.encodeForOS(arg0, arg1)(item);
		 //case ENC_CSS:return encoder.encodeForSQL(arg0, arg1)CSS(item);
		 case ENC_URL:return encoder.encodeForURL(item);
		 case ENC_VB_SCRIPT:return encoder.encodeForVBScript(item);
		 case ENC_XML:return encoder.encodeForXML(item);
		 case ENC_XML_ATTR:return encoder.encodeForXMLAttribute(item);
		 case ENC_XPATH:return encoder.encodeForXPath(item);
		 }
		 throw new ApplicationException("invalid target encoding defintion");
	}
	catch(EncodingException ee){
		throw Caster.toPageException(ee);
	}
	finally {
		 System.setOut(out);
	}
}
 
开发者ID:lucee,项目名称:Lucee4,代码行数:32,代码来源:ESAPIEncode.java

示例2: testEncodeForJavascript

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Test of encodeForJavaScript method, of class org.owasp.esapi.Encoder.
*/
  public void testEncodeForJavascript() {
      System.out.println("encodeForJavascript");
      Encoder instance = ESAPI.encoder();
      assertEquals(null, instance.encodeForJavaScript(null));
      assertEquals("\\x3Cscript\\x3E", instance.encodeForJavaScript("<script>"));
      assertEquals(",.\\x2D_\\x20", instance.encodeForJavaScript(",.-_ "));
      assertEquals("\\x21\\x40\\x24\\x25\\x28\\x29\\x3D\\x2B\\x7B\\x7D\\x5B\\x5D", instance.encodeForJavaScript("[email protected]$%()=+{}[]"));
      // assertEquals( "\\0", instance.encodeForJavaScript("\0"));
      // assertEquals( "\\b", instance.encodeForJavaScript("\b"));
      // assertEquals( "\\t", instance.encodeForJavaScript("\t"));
      // assertEquals( "\\n", instance.encodeForJavaScript("\n"));
      // assertEquals( "\\v", instance.encodeForJavaScript("" + (char)0x0b));
      // assertEquals( "\\f", instance.encodeForJavaScript("\f"));
      // assertEquals( "\\r", instance.encodeForJavaScript("\r"));
      // assertEquals( "\\'", instance.encodeForJavaScript("\'"));
      // assertEquals( "\\\"", instance.encodeForJavaScript("\""));
      // assertEquals( "\\\\", instance.encodeForJavaScript("\\"));
  }
 
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:22,代码来源:EncoderTest.java

示例3: populateVelocityContext

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Populate the Velocity context instance which will be used to render the POST body.
 * 
 * @param velocityContext the Velocity context instance to populate with data
 * @param messageContext the SAML message context source of data
 * @param endpointURL endpoint URL to which to encode message
 * @throws MessageEncodingException thrown if there is a problem encoding the message
 */
protected void populateVelocityContext(VelocityContext velocityContext, SAMLMessageContext messageContext,
        String endpointURL) throws MessageEncodingException {
    
    Encoder esapiEncoder = ESAPI.encoder();

    String encodedEndpointURL = esapiEncoder.encodeForHTMLAttribute(endpointURL);
    log.debug("Encoding action url of '{}' with encoded value '{}'", endpointURL, encodedEndpointURL);
    velocityContext.put("action", encodedEndpointURL);
    velocityContext.put("binding", getBindingURI());

    log.debug("Marshalling and Base64 encoding SAML message");
    if (messageContext.getOutboundSAMLMessage().getDOM() == null) {
        marshallMessage(messageContext.getOutboundSAMLMessage());
    }
    try {
        String messageXML = XMLHelper.nodeToString(messageContext.getOutboundSAMLMessage().getDOM());
        String encodedMessage = Base64.encodeBytes(messageXML.getBytes("UTF-8"), Base64.DONT_BREAK_LINES);
        if (messageContext.getOutboundSAMLMessage() instanceof RequestAbstractType) {
            velocityContext.put("SAMLRequest", encodedMessage);
        } else if (messageContext.getOutboundSAMLMessage() instanceof StatusResponseType) {
            velocityContext.put("SAMLResponse", encodedMessage);
        } else {
            throw new MessageEncodingException(
                    "SAML message is neither a SAML RequestAbstractType or StatusResponseType");
        }
    } catch (UnsupportedEncodingException e) {
        log.error("UTF-8 encoding is not supported, this VM is not Java compliant.");
        throw new MessageEncodingException("Unable to encode message, UTF-8 encoding is not supported");
    }

    String relayState = messageContext.getRelayState();
    if (checkRelayState(relayState)) {
        String encodedRelayState = esapiEncoder.encodeForHTMLAttribute(relayState);
        log.debug("Setting RelayState parameter to: '{}', encoded as '{}'", relayState, encodedRelayState);
        velocityContext.put("RelayState", encodedRelayState);
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:46,代码来源:HTTPPostEncoder.java

示例4: decode

import org.owasp.esapi.Encoder; //导入依赖的package包/类
public static String decode(String item, short decFrom) throws PageException  {
	
	PrintStream out = System.out;
	try {
		 System.setOut(new PrintStream(DevNullOutputStream.DEV_NULL_OUTPUT_STREAM));
		 Encoder encoder = ESAPI.encoder();
		 switch(decFrom){
		 case DEC_URL:return encoder.decodeFromURL(item);
		 }
		 throw new ApplicationException("invalid target decoding defintion");
	}
	catch(EncodingException ee){
		throw Caster.toPageException(ee);
	}
	finally {
		 System.setOut(out);
	}
}
 
开发者ID:lucee,项目名称:Lucee4,代码行数:19,代码来源:ESAPIDecode.java

示例5: testEncodeForHTML

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Test of encodeForHTML method, of class org.owasp.esapi.Encoder.
   *
   * @throws Exception
   */
  public void testEncodeForHTML() throws Exception {
      System.out.println("encodeForHTML");
      Encoder instance = ESAPI.encoder();
      assertEquals(null, instance.encodeForHTML(null));
      // test invalid characters are replaced with spaces
      assertEquals("a&#xfffd;b&#xfffd;c&#xfffd;d&#xfffd;e&#xfffd;f&#x9;g", instance.encodeForHTML("a" + (char)0 + "b" + (char)4 + "c" + (char)128 + "d" + (char)150 + "e" +(char)159 + "f" + (char)9 + "g"));
      
      assertEquals("&lt;script&gt;", instance.encodeForHTML("<script>"));
      assertEquals("&amp;lt&#x3b;script&amp;gt&#x3b;", instance.encodeForHTML("&lt;script&gt;"));
      assertEquals("&#x21;&#x40;&#x24;&#x25;&#x28;&#x29;&#x3d;&#x2b;&#x7b;&#x7d;&#x5b;&#x5d;", instance.encodeForHTML("[email protected]$%()=+{}[]"));
      assertEquals("&#x21;&#x40;&#x24;&#x25;&#x28;&#x29;&#x3d;&#x2b;&#x7b;&#x7d;&#x5b;&#x5d;", instance.encodeForHTML(instance.canonicalize("&#33;&#64;&#36;&#37;&#40;&#41;&#61;&#43;&#123;&#125;&#91;&#93;") ) );
      assertEquals(",.-_ ", instance.encodeForHTML(",.-_ "));
      assertEquals("dir&amp;", instance.encodeForHTML("dir&"));
      assertEquals("one&amp;two", instance.encodeForHTML("one&two"));
      assertEquals("" + (char)12345 + (char)65533 + (char)1244, "" + (char)12345 + (char)65533 + (char)1244 );
  }
 
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:22,代码来源:EncoderTest.java

示例6: testEncodeForSQL

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Test of encodeForSQL method, of class org.owasp.esapi.Encoder.
*/
  public void testEncodeForSQL() {
      System.out.println("encodeForSQL");
      Encoder instance = ESAPI.encoder();

      Codec mySQL1 = new MySQLCodec( MySQLCodec.ANSI_MODE );
      assertEquals("ANSI_MODE", null, instance.encodeForSQL(mySQL1, null));
      assertEquals("ANSI_MODE", "Jeff'' or ''1''=''1", instance.encodeForSQL(mySQL1, "Jeff' or '1'='1"));
      
      Codec mySQL2 = new MySQLCodec( MySQLCodec.MYSQL_MODE );
      assertEquals("MYSQL_MODE", null, instance.encodeForSQL(mySQL2, null));
      assertEquals("MYSQL_MODE", "Jeff\\' or \\'1\\'\\=\\'1", instance.encodeForSQL(mySQL2, "Jeff' or '1'='1"));

      Codec oracle = new OracleCodec();
      assertEquals("Oracle", null, instance.encodeForSQL(oracle, null));
      assertEquals("Oracle", "Jeff'' or ''1''=''1", instance.encodeForSQL(oracle, "Jeff' or '1'='1"));
  }
 
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:20,代码来源:EncoderTest.java

示例7: testEncodeForBase64

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Test of encodeForBase64 method, of class org.owasp.esapi.Encoder.
*/
  public void testEncodeForBase64() {
      System.out.println("encodeForBase64");
      Encoder instance = ESAPI.encoder();
      
      try {
      	assertEquals(null, instance.encodeForBase64(null, false));
          assertEquals(null, instance.encodeForBase64(null, true));
          assertEquals(null, instance.decodeFromBase64(null));
          for ( int i=0; i < 100; i++ ) {
              byte[] r = ESAPI.randomizer().getRandomString( 20, EncoderConstants.CHAR_SPECIALS ).getBytes(PREFERRED_ENCODING);
              String encoded = instance.encodeForBase64( r, ESAPI.randomizer().getRandomBoolean() );
              byte[] decoded = instance.decodeFromBase64( encoded );
              assertTrue( Arrays.equals( r, decoded ) );
          }
      } catch ( IOException e ) {
          fail();
      }
  }
 
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:22,代码来源:EncoderTest.java

示例8: encodeHtml

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Using ESAPI HTML Encoder, encodes the supplied html string.
 * @param html the string to be encoded.
 * @return the encoded string.
 */
private String encodeHtml(String html) {
    Encoder encoder = DefaultEncoder.getInstance();
    String s = encoder.encodeForHTML(html);
    return s;
}
 
开发者ID:Appverse,项目名称:appverse-server,代码行数:11,代码来源:JSONStringXSSDeserializer.java

示例9: testSerialization

import org.owasp.esapi.Encoder; //导入依赖的package包/类
public void testSerialization() throws Exception {
    // Note: ESAPI reference implementation is NOT serializable.  Maybe
    // it will be in the future.  Our implementation is however
    // guaranteed serializable.

    Encoder encoder = ESAPI.encoder();

    ByteArrayOutputStream baos = new ByteArrayOutputStream();

    ObjectOutputStream oos = new ObjectOutputStream(baos);
    oos.writeObject(encoder);
    oos.close();

    ObjectInputStream ois = new ObjectInputStream(
        new ByteArrayInputStream(baos.toByteArray()));

    Encoder deserializedEncoder = (Encoder)ois.readObject();

    assertSame(encoder, deserializedEncoder);
}
 
开发者ID:OWASP,项目名称:owasp-java-encoder,代码行数:21,代码来源:ESAPIEncoderTest.java

示例10: decode

import org.owasp.esapi.Encoder; //导入依赖的package包/类
public static String decode(String item, short decFrom) throws PageException  {
	
	PrintStream out = System.out;
	try {
		 System.setOut(new PrintStream(DevNullOutputStream.DEV_NULL_OUTPUT_STREAM));
		 Encoder encoder = ESAPI.encoder();
		 switch(decFrom){
		 case DEC_URL:return encoder.decodeFromURL(item);
		 //case DEC_BASE64:return encoder.decodeFromBase64(item);
		 case DEC_HTML:return encoder.decodeForHTML(item);
		 }
		 throw new ApplicationException("invalid target decoding defintion");
	}
	catch(EncodingException ee){
		throw Caster.toPageException(ee);
	}
	finally {
		 System.setOut(out);
	}
}
 
开发者ID:lucee,项目名称:Lucee,代码行数:21,代码来源:ESAPIDecode.java

示例11: fixParams

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * {@inheritDoc}
 */
@Override
public String[] fixParams(final String name, final String url, final String[] params) throws ValidationFailedException {
	checkNotNull(name);
	checkArgument(!name.trim().isEmpty());
	checkNotNull(url);
	checkArgument(!url.trim().isEmpty());
	checkNotNull(params);
	checkArgument(params.length != 0, "PVF-BUG-0003: params should always have at least one value");
	
	final String[] retValues = new String[params.length];

	for (int paramIndex = 0, paramLength = params.length; paramIndex < paramLength; ++paramIndex) {
		final String param = params[paramIndex];
		
		if (param == null) {
			retValues[paramIndex] = null;
		} else {
			final Encoder encoder = DefaultEncoder.getInstance();
			final String canonicalized = encoder.canonicalize(param, false);
			retValues[paramIndex] = canonicalized;
		}
	}
	
	return retValues;
}
 
开发者ID:mcasperson,项目名称:ParameterValidationFilter,代码行数:29,代码来源:CanonicalizeTextValidationRule.java

示例12: postEncode

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Performs HTTP POST based encoding.
 * 
 * @param artifactContext current request context
 * @param outTransport outbound HTTP transport
 * 
 * @throws MessageEncodingException thrown if there is a problem POST encoding the artifact
 */
protected void postEncode(SAMLMessageContext artifactContext, HTTPOutTransport outTransport)
        throws MessageEncodingException {
    log.debug("Performing HTTP POST SAML 2 artifact encoding");

    log.debug("Creating velocity context");
    VelocityContext context = new VelocityContext();
    Encoder esapiEncoder = ESAPI.encoder();
    String endpointURL = getEndpointURL(artifactContext).toString();
    String encodedEndpointURL = esapiEncoder.encodeForHTMLAttribute(endpointURL);
    log.debug("Setting action parameter to: '{}', encoded as '{}'", endpointURL, encodedEndpointURL);
    context.put("action", encodedEndpointURL);
    context.put("SAMLArt", buildArtifact(artifactContext).base64Encode());
    context.put("binding", getBindingURI());

    if (checkRelayState(artifactContext.getRelayState())) {
        String encodedRelayState = esapiEncoder.encodeForHTMLAttribute(artifactContext.getRelayState());
        log.debug("Setting RelayState parameter to: '{}', encoded as '{}'", artifactContext.getRelayState(), encodedRelayState);
        context.put("RelayState", encodedRelayState);
    }

    try {
        log.debug("Invoking velocity template");
        OutputStreamWriter outWriter = new OutputStreamWriter(outTransport.getOutgoingStream());
        velocityEngine.mergeTemplate(velocityTemplateId, "UTF-8", context, outWriter);
    } catch (Exception e) {
        log.error("Error invoking velocity template to create POST form", e);
        throw new MessageEncodingException("Error creating output document", e);
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:38,代码来源:HTTPArtifactEncoder.java

示例13: encode

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Encode tag's content for usage in a URL.
 * @param content The tag's content as a String
 * @param enc Encoder used to call
 * 	{@link Encoder#encodeForURL(String)}
 * @return content encoded for usage in a URL
 * @throws EncodingException if {@link Encoder#encodeForURL(String)} does.
 */
protected String encode(String content, Encoder enc) throws JspTagException
{
	try
	{
		return enc.encodeForURL(content);
	}
	catch(EncodingException e)
	{
		throw new JspTagException("Unable to encode to URL encoding", e);
	}
}
 
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:20,代码来源:EncodeForURLTag.java

示例14: encode

import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Encode tag's content using Base64.
 * @param content The tag's content as a String
 * @param enc Encoder used to call
 * 	{@link Encoder#encodeForBase64(byte[], boolean)}
 * @return content encoded in Base64
 */
protected String encode(String content, Encoder enc) throws JspTagException
{
	try
	{
		return enc.encodeForBase64(content.getBytes(encoding), wrap);
	}
	catch(UnsupportedEncodingException e)
	{
		throw new JspTagException("Unsupported encoding " + enc,e);
	}
}
 
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:19,代码来源:EncodeForBase64Tag.java

示例15: getInstance

import org.owasp.esapi.Encoder; //导入依赖的package包/类
public static Encoder getInstance() {
    if ( singletonInstance == null ) {
        synchronized ( DefaultEncoder.class ) {
            if ( singletonInstance == null ) {
                singletonInstance = new DefaultEncoder();
            }
        }
    }
    return singletonInstance;
}
 
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:11,代码来源:DefaultEncoder.java


注:本文中的org.owasp.esapi.Encoder类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。