本文整理汇总了Java中org.owasp.esapi.Encoder类的典型用法代码示例。如果您正苦于以下问题:Java Encoder类的具体用法?Java Encoder怎么用?Java Encoder使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
Encoder类属于org.owasp.esapi包,在下文中一共展示了Encoder类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: encode
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Encodes {@code item} for the output context selected by {@code encFor} by
 * delegating to the matching {@code encodeForXxx} method of the ESAPI encoder.
 *
 * <p>Each target applies its own escaping rules, so the constant has to name the
 * place the result is actually written to; text encoded for one context is not
 * safe in another.
 *
 * @param item   the text to encode
 * @param encFor one of the {@code ENC_*} constants handled in the switch below
 * @return the encoded text
 * @throws PageException when ESAPI reports an {@code EncodingException} (converted by
 *                       {@code Caster.toPageException}); an unhandled {@code encFor}
 *                       raises an {@code ApplicationException}
 */
public static String encode(String item, short encFor) throws PageException {
    // System.out is pointed at a null sink for the duration of the ESAPI call and
    // restored in the finally block (presumably to silence ESAPI console output).
    // NOTE(review): System.setOut is JVM-wide and nothing here serialises callers.
    // Two overlapping calls can save the null sink as "previous" and leave it
    // installed, and other threads lose their output while the swap is active.
    final PrintStream savedOut = System.out;
    try {
        System.setOut(new PrintStream(DevNullOutputStream.DEV_NULL_OUTPUT_STREAM));
        final Encoder esapi = ESAPI.encoder();
        switch (encFor) {
            case ENC_CSS:
                return esapi.encodeForCSS(item);
            case ENC_DN:
                return esapi.encodeForDN(item);
            case ENC_HTML:
                return esapi.encodeForHTML(item);
            case ENC_HTML_ATTR:
                return esapi.encodeForHTMLAttribute(item);
            case ENC_JAVA_SCRIPT:
                return esapi.encodeForJavaScript(item);
            case ENC_LDAP:
                return esapi.encodeForLDAP(item);
            case ENC_URL:
                return esapi.encodeForURL(item);
            case ENC_VB_SCRIPT:
                return esapi.encodeForVBScript(item);
            case ENC_XML:
                return esapi.encodeForXML(item);
            case ENC_XML_ATTR:
                return esapi.encodeForXMLAttribute(item);
            case ENC_XPATH:
                return esapi.encodeForXPath(item);
            default:
                // Base64, OS-command and SQL targets are not offered by this switch.
                throw new ApplicationException("invalid target encoding defintion");
        }
    } catch (EncodingException ee) {
        throw Caster.toPageException(ee);
    } finally {
        System.setOut(savedOut);
    }
}
示例2: testEncodeForJavascript
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Test of encodeForJavaScript method, of class org.owasp.esapi.Encoder.
*/
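public void testEncodeForJavascript() {
    System.out.println("encodeForJavascript");
    Encoder instance = ESAPI.encoder();

    // null passes through unchanged.
    assertEquals(null, instance.encodeForJavaScript(null));

    // Characters that could end a script block or string come back as \xHH escapes.
    assertEquals("\\x3Cscript\\x3E", instance.encodeForJavaScript("<script>"));

    // Comma, period and underscore are left alone; hyphen and space are escaped.
    assertEquals(",.\\x2D_\\x20", instance.encodeForJavaScript(",.-_ "));

    // The input literal is restored from the expected value: the twelve \xHH escapes
    // decode to exactly !@$%()=+{}[] (the listing had an e-mail-obfuscation
    // placeholder where "!@" belongs).
    assertEquals("\\x21\\x40\\x24\\x25\\x28\\x29\\x3D\\x2B\\x7B\\x7D\\x5B\\x5D", instance.encodeForJavaScript("!@$%()=+{}[]"));

    // Disabled upstream: these expect the short backslash escapes (\n, \', \" ...),
    // whereas the live assertions above expect the \xHH form.
    // assertEquals( "\\0", instance.encodeForJavaScript("\0"));
    // assertEquals( "\\b", instance.encodeForJavaScript("\b"));
    // assertEquals( "\\t", instance.encodeForJavaScript("\t"));
    // assertEquals( "\\n", instance.encodeForJavaScript("\n"));
    // assertEquals( "\\v", instance.encodeForJavaScript("" + (char)0x0b));
    // assertEquals( "\\f", instance.encodeForJavaScript("\f"));
    // assertEquals( "\\r", instance.encodeForJavaScript("\r"));
    // assertEquals( "\\'", instance.encodeForJavaScript("\'"));
    // assertEquals( "\\\"", instance.encodeForJavaScript("\""));
    // assertEquals( "\\\\", instance.encodeForJavaScript("\\"));
}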
示例3: populateVelocityContext
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Populate the Velocity context instance which will be used to render the POST body.
*
* @param velocityContext the Velocity context instance to populate with data
* @param messageContext the SAML message context source of data
* @param endpointURL endpoint URL to which to encode message
* @throws MessageEncodingException thrown if there is a problem encoding the message
*/
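protected void populateVelocityContext(VelocityContext velocityContext, SAMLMessageContext messageContext,
        String endpointURL) throws MessageEncodingException {
    Encoder esapiEncoder = ESAPI.encoder();

    // The endpoint URL is encoded for an HTML attribute before it enters the template
    // context (presumably the form's action attribute; confirm against the template).
    String encodedEndpointURL = esapiEncoder.encodeForHTMLAttribute(endpointURL);
    log.debug("Encoding action url of '{}' with encoded value '{}'", endpointURL, encodedEndpointURL);
    velocityContext.put("action", encodedEndpointURL);
    velocityContext.put("binding", getBindingURI());

    log.debug("Marshalling and Base64 encoding SAML message");
    // Marshal only when the outbound message has no DOM yet.
    if (messageContext.getOutboundSAMLMessage().getDOM() == null) {
        marshallMessage(messageContext.getOutboundSAMLMessage());
    }

    try {
        String messageXML = XMLHelper.nodeToString(messageContext.getOutboundSAMLMessage().getDOM());
        String encodedMessage = Base64.encodeBytes(messageXML.getBytes("UTF-8"), Base64.DONT_BREAK_LINES);

        // The form field name depends on whether the message is a request or a response.
        if (messageContext.getOutboundSAMLMessage() instanceof RequestAbstractType) {
            velocityContext.put("SAMLRequest", encodedMessage);
        } else if (messageContext.getOutboundSAMLMessage() instanceof StatusResponseType) {
            velocityContext.put("SAMLResponse", encodedMessage);
        } else {
            throw new MessageEncodingException(
                    "SAML message is neither a SAML RequestAbstractType or StatusResponseType");
        }
    } catch (UnsupportedEncodingException e) {
        // Keep the original exception as the cause so the failure stays traceable.
        log.error("UTF-8 encoding is not supported, this VM is not Java compliant.", e);
        throw new MessageEncodingException("Unable to encode message, UTF-8 encoding is not supported", e);
    }

    // RelayState is added only when checkRelayState accepts it, and is attribute-encoded
    // like the endpoint URL. The raw value is also written to the debug log.
    String relayState = messageContext.getRelayState();
    if (checkRelayState(relayState)) {
        String encodedRelayState = esapiEncoder.encodeForHTMLAttribute(relayState);
        log.debug("Setting RelayState parameter to: '{}', encoded as '{}'", relayState, encodedRelayState);
        velocityContext.put("RelayState", encodedRelayState);
    }
}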
示例4: decode
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Decodes {@code item} from the encoding selected by {@code decFrom}.
 * Only {@code DEC_URL} is handled here.
 *
 * @param item    the encoded text
 * @param decFrom the {@code DEC_*} constant naming the source encoding
 * @return the decoded text
 * @throws PageException when ESAPI reports an {@code EncodingException} (converted by
 *                       {@code Caster.toPageException}); any other {@code decFrom}
 *                       raises an {@code ApplicationException}
 */
public static String decode(String item, short decFrom) throws PageException {
    // System.out is swapped for a null sink around the ESAPI call and restored in finally.
    // NOTE(review): the swap is JVM-wide and unsynchronised; overlapping calls can leave
    // the null sink installed.
    final PrintStream savedOut = System.out;
    try {
        System.setOut(new PrintStream(DevNullOutputStream.DEV_NULL_OUTPUT_STREAM));
        final Encoder esapi = ESAPI.encoder();
        if (decFrom == DEC_URL) {
            // The result is raw text again and needs encoding for wherever it is written next.
            return esapi.decodeFromURL(item);
        }
        throw new ApplicationException("invalid target decoding defintion");
    } catch (EncodingException ee) {
        throw Caster.toPageException(ee);
    } finally {
        System.setOut(savedOut);
    }
}
示例5: testEncodeForHTML
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Test of encodeForHTML method, of class org.owasp.esapi.Encoder.
*
* @throws Exception
*/
public void testEncodeForHTML() throws Exception {
    // NOTE(review): several expected literals below look as if the page that rendered
    // this listing decoded their HTML entities. Two assertions expect different results
    // for the same "<script>" input, so the listing cannot pass as shown. Take the
    // expected values from the upstream test source before reusing it.
    System.out.println("encodeForHTML");
    Encoder instance = ESAPI.encoder();
    // null passes through unchanged.
    assertEquals(null, instance.encodeForHTML(null));
    // test invalid characters are replaced with spaces
    // NOTE(review): the expected literal holds replacement characters and a raw tab here,
    // not the encoded form the comment above describes.
    assertEquals("a�b�c�d�e�f	g", instance.encodeForHTML("a" + (char)0 + "b" + (char)4 + "c" + (char)128 + "d" + (char)150 + "e" +(char)159 + "f" + (char)9 + "g"));
    // NOTE(review): contradicts the next assertion, which uses the same input.
    assertEquals("<script>", instance.encodeForHTML("<script>"));
    assertEquals("&lt;script&gt;", instance.encodeForHTML("<script>"));
    // NOTE(review): "[email protected]" looks like an e-mail-obfuscation placeholder inside
    // the input literal, presumably standing in for "!@"; confirm against upstream.
    assertEquals("!@$%()=+{}[]", instance.encodeForHTML("[email protected]$%()=+{}[]"));
    // Canonicalizes the input first, then encodes the result.
    assertEquals("!@$%()=+{}[]", instance.encodeForHTML(instance.canonicalize("!@$%()=+{}[]") ) );
    assertEquals(",.-_ ", instance.encodeForHTML(",.-_ "));
    assertEquals("dir&", instance.encodeForHTML("dir&"));
    assertEquals("one&two", instance.encodeForHTML("one&two"));
    // Compares a string with itself and never calls the encoder.
    assertEquals("" + (char)12345 + (char)65533 + (char)1244, "" + (char)12345 + (char)65533 + (char)1244 );
}
示例6: testEncodeForSQL
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Test of encodeForSQL method, of class org.owasp.esapi.Encoder.
*/
public void testEncodeForSQL() {
    System.out.println("encodeForSQL");
    final Encoder esapi = ESAPI.encoder();
    // The same quote-bearing input is run through every codec.
    final String tautology = "Jeff' or '1'='1";

    // These assertions pin the escaping rules of each codec. Escaping is dialect- and
    // mode-specific, as the differing expectations show; bound parameters
    // (PreparedStatement) remain the primary control and this encoding is a fallback.

    // MySQL codec in ANSI mode: each single quote is doubled.
    final Codec ansiMySql = new MySQLCodec(MySQLCodec.ANSI_MODE);
    assertEquals("ANSI_MODE", null, esapi.encodeForSQL(ansiMySql, null));
    assertEquals("ANSI_MODE", "Jeff'' or ''1''=''1", esapi.encodeForSQL(ansiMySql, tautology));

    // MySQL codec in MySQL mode: quotes and '=' are backslash-escaped.
    final Codec nativeMySql = new MySQLCodec(MySQLCodec.MYSQL_MODE);
    assertEquals("MYSQL_MODE", null, esapi.encodeForSQL(nativeMySql, null));
    assertEquals("MYSQL_MODE", "Jeff\\' or \\'1\\'\\=\\'1", esapi.encodeForSQL(nativeMySql, tautology));

    // Oracle codec: each single quote is doubled.
    final Codec oracleCodec = new OracleCodec();
    assertEquals("Oracle", null, esapi.encodeForSQL(oracleCodec, null));
    assertEquals("Oracle", "Jeff'' or ''1''=''1", esapi.encodeForSQL(oracleCodec, tautology));
}
示例7: testEncodeForBase64
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Test of encodeForBase64 method, of class org.owasp.esapi.Encoder.
*/
public void testEncodeForBase64() {
    System.out.println("encodeForBase64");
    final Encoder esapi = ESAPI.encoder();
    try {
        // null in, null out, for both wrap settings and for decoding.
        assertEquals(null, esapi.encodeForBase64(null, false));
        assertEquals(null, esapi.encodeForBase64(null, true));
        assertEquals(null, esapi.decodeFromBase64(null));

        // Round-trip 100 random 20-character samples drawn from CHAR_SPECIALS,
        // with line wrapping chosen at random for each sample.
        int round = 0;
        while (round < 100) {
            final byte[] original = ESAPI.randomizer()
                    .getRandomString(20, EncoderConstants.CHAR_SPECIALS)
                    .getBytes(PREFERRED_ENCODING);
            final boolean wrapLines = ESAPI.randomizer().getRandomBoolean();
            final String base64 = esapi.encodeForBase64(original, wrapLines);
            final byte[] restored = esapi.decodeFromBase64(base64);
            assertTrue(Arrays.equals(original, restored));
            round++;
        }
    } catch (IOException e) {
        // Any I/O failure fails the test; the exception itself is not reported.
        fail();
    }
}
示例8: encodeHtml
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Using ESAPI HTML Encoder, encodes the supplied html string.
* @param html the string to be encoded.
* @return the encoded string.
*/
private String encodeHtml(String html) {
    // encodeForHTML targets HTML element content. The Encoder has separate methods for
    // attribute values, JavaScript and URLs (encodeForHTMLAttribute, encodeForJavaScript,
    // encodeForURL), so this helper is not interchangeable across those contexts.
    return DefaultEncoder.getInstance().encodeForHTML(html);
}
示例9: testSerialization
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Serializes the encoder returned by {@code ESAPI.encoder()} to an in-memory buffer,
 * reads it back, and asserts that the result is the very same instance.
 *
 * @throws Exception if serialization or deserialization fails
 */
public void testSerialization() throws Exception {
    // Note: ESAPI reference implementation is NOT serializable. Maybe
    // it will be in the future. Our implementation is however
    // guaranteed serializable.
    final Encoder original = ESAPI.encoder();

    final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
    final ObjectOutputStream writer = new ObjectOutputStream(buffer);
    writer.writeObject(original);
    writer.close();

    // The bytes read back are the ones written just above, never external input.
    final byte[] serialized = buffer.toByteArray();
    final ObjectInputStream reader = new ObjectInputStream(new ByteArrayInputStream(serialized));
    final Encoder restored = (Encoder) reader.readObject();

    // Identity, not equality: deserialization must hand back the existing instance.
    assertSame(original, restored);
}
示例10: decode
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Decodes {@code item} from the encoding selected by {@code decFrom}.
 * {@code DEC_URL} and {@code DEC_HTML} are handled; Base64 is commented out upstream.
 *
 * @param item    the encoded text
 * @param decFrom the {@code DEC_*} constant naming the source encoding
 * @return the decoded text
 * @throws PageException when ESAPI reports an {@code EncodingException} (converted by
 *                       {@code Caster.toPageException}); any other {@code decFrom}
 *                       raises an {@code ApplicationException}
 */
public static String decode(String item, short decFrom) throws PageException {
    // System.out is swapped for a null sink around the ESAPI call and restored in finally.
    // NOTE(review): the swap is JVM-wide and unsynchronised; overlapping calls can leave
    // the null sink installed.
    final PrintStream savedOut = System.out;
    try {
        System.setOut(new PrintStream(DevNullOutputStream.DEV_NULL_OUTPUT_STREAM));
        final Encoder esapi = ESAPI.encoder();
        // Either branch returns raw text again; it needs encoding for whatever
        // context it is written to next.
        switch (decFrom) {
            case DEC_URL:
                return esapi.decodeFromURL(item);
            case DEC_HTML:
                return esapi.decodeForHTML(item);
            default:
                throw new ApplicationException("invalid target decoding defintion");
        }
    } catch (EncodingException ee) {
        throw Caster.toPageException(ee);
    } finally {
        System.setOut(savedOut);
    }
}
示例11: fixParams
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* {@inheritDoc}
*/
@Override
public String[] fixParams(final String name, final String url, final String[] params) throws ValidationFailedException {
    // Preconditions: name and url must be non-null and non-blank, params non-null and non-empty.
    checkNotNull(name);
    checkArgument(!name.trim().isEmpty());
    checkNotNull(url);
    checkArgument(!url.trim().isEmpty());
    checkNotNull(params);
    checkArgument(params.length != 0, "PVF-BUG-0003: params should always have at least one value");

    // Result array matches params position by position; null entries stay null.
    final String[] canonical = new String[params.length];
    int slot = 0;
    for (final String raw : params) {
        // canonicalize(..., false) runs in non-strict mode. As far as the ESAPI Encoder
        // contract goes, multiply or mixed encoded input is then reduced rather than
        // rejected. NOTE(review): confirm this is intended, because later checks see the
        // decoded text with no signal that the original was layered.
        canonical[slot++] = (raw == null)
                ? null
                : DefaultEncoder.getInstance().canonicalize(raw, false);
    }
    return canonical;
}
示例12: postEncode
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Performs HTTP POST based encoding.
*
* @param artifactContext current request context
* @param outTransport outbound HTTP transport
*
* @throws MessageEncodingException thrown if there is a problem POST encoding the artifact
*/
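protected void postEncode(SAMLMessageContext artifactContext, HTTPOutTransport outTransport)
        throws MessageEncodingException {
    log.debug("Performing HTTP POST SAML 2 artifact encoding");

    log.debug("Creating velocity context");
    VelocityContext context = new VelocityContext();
    Encoder esapiEncoder = ESAPI.encoder();

    // The endpoint URL is encoded for an HTML attribute before it enters the template
    // context (presumably the form's action attribute; confirm against the template).
    String endpointURL = getEndpointURL(artifactContext).toString();
    String encodedEndpointURL = esapiEncoder.encodeForHTMLAttribute(endpointURL);
    log.debug("Setting action parameter to: '{}', encoded as '{}'", endpointURL, encodedEndpointURL);
    context.put("action", encodedEndpointURL);
    context.put("SAMLArt", buildArtifact(artifactContext).base64Encode());
    context.put("binding", getBindingURI());

    // RelayState is added only when checkRelayState accepts it, attribute-encoded like
    // the endpoint URL. The raw value is also written to the debug log.
    if (checkRelayState(artifactContext.getRelayState())) {
        String encodedRelayState = esapiEncoder.encodeForHTMLAttribute(artifactContext.getRelayState());
        log.debug("Setting RelayState parameter to: '{}', encoded as '{}'", artifactContext.getRelayState(), encodedRelayState);
        context.put("RelayState", encodedRelayState);
    }

    try {
        log.debug("Invoking velocity template");
        // The writer charset is pinned to UTF-8, the encoding the template is merged
        // with; the one-argument constructor would use the platform default instead.
        OutputStreamWriter outWriter = new OutputStreamWriter(outTransport.getOutgoingStream(), "UTF-8");
        velocityEngine.mergeTemplate(velocityTemplateId, "UTF-8", context, outWriter);
        // OutputStreamWriter buffers internally; without a flush the tail of the form
        // may never reach the transport stream. The stream itself is left open.
        outWriter.flush();
    } catch (Exception e) {
        log.error("Error invoking velocity template to create POST form", e);
        throw new MessageEncodingException("Error creating output document", e);
    }
}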
示例13: encode
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Encode tag's content for usage in a URL.
* @param content The tag's content as a String
* @param enc Encoder used to call
* {@link Encoder#encodeForURL(String)}
* @return content encoded for usage in a URL
* @throws JspTagException if {@link Encoder#encodeForURL(String)} throws an EncodingException.
*/
protected String encode(String content, Encoder enc) throws JspTagException
{
    final String urlEncoded;
    try
    {
        urlEncoded = enc.encodeForURL(content);
    }
    catch (EncodingException cause)
    {
        // Surface the encoder failure as a tag exception, keeping the original as cause.
        throw new JspTagException("Unable to encode to URL encoding", cause);
    }
    return urlEncoded;
}
示例14: encode
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
* Encode tag's content using Base64.
* @param content The tag's content as a String
* @param enc Encoder used to call
* {@link Encoder#encodeForBase64(byte[], boolean)}
* @return content encoded in Base64
*/
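protected String encode(String content, Encoder enc) throws JspTagException
{
    try
    {
        // Characters become bytes using the tag's configured charset name (the
        // "encoding" field); "wrap" is passed as the encoder's line-wrapping flag.
        return enc.encodeForBase64(content.getBytes(encoding), wrap);
    }
    catch(UnsupportedEncodingException e)
    {
        // Report the charset name that was rejected. The message previously
        // concatenated the Encoder object (enc) rather than the charset name.
        throw new JspTagException("Unsupported encoding " + encoding, e);
    }
}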
示例15: getInstance
import org.owasp.esapi.Encoder; //导入依赖的package包/类
/**
 * Returns the shared {@code DefaultEncoder}, creating it on first use.
 *
 * <p>Uses double-checked locking on {@code DefaultEncoder.class}.
 * NOTE(review): the idiom is only safe under the Java memory model when
 * {@code singletonInstance} is declared {@code volatile}; the field declaration is
 * not shown here, so confirm it.
 *
 * @return the singleton encoder instance
 */
public static Encoder getInstance() {
    // Fast path: already created, no lock taken.
    if (singletonInstance != null) {
        return singletonInstance;
    }
    synchronized (DefaultEncoder.class) {
        // Re-check under the lock: another thread may have created it in the meantime.
        if (singletonInstance == null) {
            singletonInstance = new DefaultEncoder();
        }
        return singletonInstance;
    }
}