本文整理汇总了Java中org.owasp.encoder.Encode.forJavaScriptSource方法的典型用法代码示例。如果您正苦于以下问题:Java Encode.forJavaScriptSource方法的具体用法?Java Encode.forJavaScriptSource怎么用?Java Encode.forJavaScriptSource使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.owasp.encoder.Encode的用法示例。
在下文中一共展示了Encode.forJavaScriptSource方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testEncoder
import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Test
public void testEncoder() throws Exception {
String s1 = "keep-alive";
String s2 = "text/html";
Assert.assertEquals(Encode.forJavaScriptSource(s1), s1);
Assert.assertEquals(Encode.forJavaScriptSource(s2), s2);
//Assert.assertEquals(Encode.forJavaScriptBlock(s1), s1);
//Assert.assertEquals(Encode.forJavaScriptBlock(s2), s2);
String s3 = "<script>alert('test')</script>";
String e3 = Encode.forJavaScriptSource(s3);
System.out.println("source = " + e3);
String e4 = Encode.forJavaScriptAttribute(s3);
System.out.println("attribute = " + e4);
String e5 = Encode.forJavaScriptBlock(s3);
System.out.println("block = " + e5);
String e6 = Encode.forJavaScript(e3);
System.out.println("script = " + e6);
Assert.assertNotEquals(e3, s3);
String s7 = "<script>location.href=\"respources.html\"</script>";
String e7 = Encode.forJavaScriptSource(s7);
System.out.println("e7 = " + e7);
}
示例2: handleRequest
import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
String method = exchange.getRequestMethod().toString();
if(config.isSanitizeHeader()) {
HeaderMap headerMap = exchange.getRequestHeaders();
if(headerMap != null) {
for (HeaderValues values : headerMap) {
if (values != null) {
ListIterator<String> itValues = values.listIterator();
while (itValues.hasNext()) {
String value = Encode.forJavaScriptSource(itValues.next());
itValues.set(value);
}
}
}
}
}
/*
It looks like undertow has done a lot of things to prevent passing in invalid query parameters,
Until there are some use cases, this is not implemented.
if(config.isSanitizeParameter()) {
if (!exchange.getQueryString().isEmpty()) {
final TreeMap<String, Deque<String>> newParams = new TreeMap<>();
for (Map.Entry<String, Deque<String>> param : exchange.getQueryParameters().entrySet()) {
final Deque<String> newVales = new ArrayDeque<>(param.getValue().size());
for (String val : param.getValue()) {
newVales.add(Encode.forJavaScriptSource(val));
}
newParams.put(param.getKey(), newVales);
}
exchange.getQueryParameters().clear();
exchange.getQueryParameters().putAll(newParams);
}
}
*/
if(config.isSanitizeBody() && ("POST".equalsIgnoreCase(method) || "PUT".equalsIgnoreCase(method) || "PATCH".equalsIgnoreCase(method))) {
// assume that body parser is installed before this middleware and body is parsed as a map.
// we are talking about JSON api now.
Object body = exchange.getAttachment(BodyHandler.REQUEST_BODY);
if(body != null) {
if(body instanceof List) {
encodeList((List<Map<String, Object>>)body);
} else {
// assume it is a map here.
encodeNode((Map<String, Object>)body);
}
}
}
next.handleRequest(exchange);
}
示例3: doTag
import org.owasp.encoder.Encode; //导入方法依赖的package包/类
@Override
public void doTag() throws JspException, IOException {
Encode.forJavaScriptSource(getJspContext().getOut(), _value);
}