当前位置: 首页>>代码示例>>Java>>正文

Java Encode.forHtml方法代码示例

本文整理汇总了Java中org.owasp.encoder.Encode.forHtml方法的典型用法代码示例。如果您正苦于以下问题:Java Encode.forHtml方法的具体用法?Java Encode.forHtml怎么用?Java Encode.forHtml使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.owasp.encoder.Encode的用法示例。


在下文中一共展示了Encode.forHtml方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: forHtml

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
/**
 * Encodes for HTML text content and text attributes.
 *
 * @param input HTML input, may be null
 *
 * @return Encoded HTML text, empty string if anything goes wrong
 */
public String forHtml( String input )
{
    if( isEmpty( input ) )
    {
        return EMPTY;
    }
    try
    {
        return Encode.forHtml( input );
    }
    catch( Exception ex )
    {
        LOG.error( "Encoding for HTML error, will return empty string: {}", ex.getMessage(), ex );
        return EMPTY;
    }
}
开发者ID:werval,项目名称:werval,代码行数:24,代码来源:Sanitize.java

示例2: doPost

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException {
    String name = request.getParameter("outputEscapedName");

    log.info("Received {} as name", name);

    response.setContentType("text/html");

    try (PrintWriter out = response.getWriter()) {
        out.println("<html><head>");
        out.println("<title>Cross-Site Scripting (XSS) - Output Escaping</title>");
        out.println("<link rel='stylesheet' type='text/css' href='resources/css/styles.css' />");
        out.println("</head>");
        out.println("<body>");
        out.println("<h1>Cross-Site Scripting (XSS) - Output Escaping</h1>");
        out.println("<p title='Hello " + Encode.forHtmlAttribute(name) + "'><strong>Hello </strong>");
        Encode.forHtml(out, name);
        out.println("</p>");
        out.println("<p><a href='index.jsp'>Home</a></p>");
        out.println("</body></html>");
    } catch (IOException ex) {
        log.error(ex.getMessage(), ex);
    }
}
开发者ID:dschadow,项目名称:JavaSecurity,代码行数:25,代码来源:OutputEscapedServlet.java

示例3: testGetJobStatusServletEscapesHtmlWhenTransNotFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testGetJobStatusServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );

  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( GetJobStatusServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );

  getJobStatusServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );

  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );

}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:22,代码来源:GetJobStatusServletTest.java

示例4: testStopJobServletEscapesHtmlWhenTransNotFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testStopJobServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );

  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( StopJobServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );

  stopJobServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:21,代码来源:StopJobServletTest.java

示例5: testRemoveTransServletEscapesHtmlWhenTransNotFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testRemoveTransServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );

  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( RemoveTransServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );

  removeTransServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:21,代码来源:RemoveTransServletTest.java

示例6: testPauseTransServletEscapesHtmlWhenTransNotFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testPauseTransServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );

  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( PauseTransServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );

  pauseTransServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:21,代码来源:PauseTransServletTest.java

示例7: testCleanupTransServletEscapesHtmlWhenTransNotFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testCleanupTransServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );
  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );
  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( CleanupTransServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );

  cleanupTransServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );

  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:19,代码来源:CleanupTransServletTest.java

示例8: testRemoveJobServletEscapesHtmlWhenTransNotFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testRemoveJobServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );

  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( RemoveJobServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );

  removeJobServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:21,代码来源:RemoveJobServletTest.java

示例9: testStopTransServletEscapesHtmlWhenTransFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testStopTransServletEscapesHtmlWhenTransFound() throws ServletException, IOException {
  KettleLogStore.init();
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );
  Trans mockTrans = mock( Trans.class );
  TransMeta mockTransMeta = mock( TransMeta.class );
  LogChannelInterface mockChannelInterface = mock( LogChannelInterface.class );
  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( StopTransServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );
  when( mockTransformationMap.getTransformation( any( CarteObjectEntry.class ) ) ).thenReturn( mockTrans );
  when( mockTrans.getLogChannel() ).thenReturn( mockChannelInterface );
  when( mockTrans.getLogChannelId() ).thenReturn( "test" );
  when( mockTrans.getTransMeta() ).thenReturn( mockTransMeta );
  when( mockTransMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  stopTransServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:29,代码来源:StopTransServletTest.java

示例10: testStartTransServletEscapesHtmlWhenTransNotFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testStartTransServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );

  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( StartTransServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );

  startTransServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:21,代码来源:StartTransServletTest.java

示例11: testStartTransServletEscapesHtmlWhenTransFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testStartTransServletEscapesHtmlWhenTransFound() throws ServletException, IOException {
  KettleLogStore.init();
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );
  Trans mockTrans = mock( Trans.class );
  TransMeta mockTransMeta = mock( TransMeta.class );
  LogChannelInterface mockChannelInterface = mock( LogChannelInterface.class );
  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( StartTransServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );
  when( mockTransformationMap.getTransformation( any( CarteObjectEntry.class ) ) ).thenReturn( mockTrans );
  when( mockTrans.getLogChannel() ).thenReturn( mockChannelInterface );
  when( mockTrans.getLogChannelId() ).thenReturn( "test" );
  when( mockTrans.getTransMeta() ).thenReturn( mockTransMeta );
  when( mockTransMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  startTransServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:29,代码来源:StartTransServletTest.java

示例12: testGetTransStatusServletEscapesHtmlWhenTransNotFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testGetTransStatusServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );

  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( GetTransStatusServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );

  getTransStatusServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:21,代码来源:GetTransStatusServletTest.java

示例13: testStartJobServletEscapesHtmlWhenTransNotFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testStartJobServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );

  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( StartJobServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );

  startJobServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H1", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:21,代码来源:StartJobServletTest.java

示例14: testRemoveTransServletEscapesHtmlWhenTransFound

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
@PrepareForTest( { Encode.class } )
public void testRemoveTransServletEscapesHtmlWhenTransFound() throws ServletException, IOException {
  KettleLogStore.init();
  HttpServletRequest mockHttpServletRequest = mock( HttpServletRequest.class );
  HttpServletResponse mockHttpServletResponse = mock( HttpServletResponse.class );
  Trans mockTrans = mock( Trans.class );
  TransMeta mockTransMeta = mock( TransMeta.class );
  LogChannelInterface mockChannelInterface = mock( LogChannelInterface.class );
  StringWriter out = new StringWriter();
  PrintWriter printWriter = new PrintWriter( out );

  PowerMockito.spy( Encode.class );
  when( mockHttpServletRequest.getContextPath() ).thenReturn( RemoveTransServlet.CONTEXT_PATH );
  when( mockHttpServletRequest.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( mockHttpServletResponse.getWriter() ).thenReturn( printWriter );
  when( mockTransformationMap.getTransformation( any( CarteObjectEntry.class ) ) ).thenReturn( mockTrans );
  when( mockTrans.getLogChannel() ).thenReturn( mockChannelInterface );
  when( mockTrans.getLogChannelId() ).thenReturn( "test" );
  when( mockTrans.getTransMeta() ).thenReturn( mockTransMeta );
  when( mockTransMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  removeTransServlet.doGet( mockHttpServletRequest, mockHttpServletResponse );
  assertFalse( ServletTestUtils.hasBadText( ServletTestUtils.getInsideOfTag( "H3", out.toString() ) ) );

  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
开发者ID:pentaho,项目名称:pentaho-kettle,代码行数:29,代码来源:RemoveTransServletTest.java

示例15: escape

import org.owasp.encoder.Encode; //导入方法依赖的package包/类
/**
 * Eliminate dangerous chars in node name.
 * TODO Keep on sync with uploader:com.openkm.applet.Util.escape(String)
 * TODO Keep on sync with wsImporter:com.openkm.importer.Util.escape(String)
 */
public static String escape(String name) {
	String ret = cleanup(name);

	// Fix XSS issues
	ret = Encode.forHtml(ret);

	return ret;
}
开发者ID:openkm,项目名称:document-management-system,代码行数:14,代码来源:PathUtils.java


注:本文中的org.owasp.encoder.Encode.forHtml方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。