当前位置: 首页>>代码示例>>Java>>正文

Java ESAPI.currentRequest方法代码示例

本文整理汇总了Java中org.owasp.esapi.ESAPI.currentRequest方法的典型用法代码示例。如果您正苦于以下问题:Java ESAPI.currentRequest方法的具体用法?Java ESAPI.currentRequest怎么用?Java ESAPI.currentRequest使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.owasp.esapi.ESAPI的用法示例。


在下文中一共展示了ESAPI.currentRequest方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: log

import org.owasp.esapi.ESAPI; //导入方法依赖的package包/类
/**
      * Log the message after optionally encoding any special characters that might be dangerous when viewed
      * by an HTML based log viewer. Also encode any carriage returns and line feeds to prevent log 
      * injection attacks. This logs all the supplied parameters plus the user ID, user's source IP, a logging
      * specific session ID, and the current date/time.
      * 
      * It will only log the message if the current logging level is enabled, otherwise it will 
      * discard the message. 
      * 
      * @param level defines the set of recognized logging levels (TRACE, INFO, DEBUG, WARNING, ERROR, FATAL)
      * @param type the type of the event (SECURITY SUCCESS, SECURITY FAILURE, EVENT SUCCESS, EVENT FAILURE)
      * @param message the message
      * @param throwable the throwable
      */
     private void log(Level level, EventType type, String message, Throwable throwable) {
     	
     	// Check to see if we need to log
     	if (!jlogger.isLoggable( level )) return;

         // ensure there's something to log
         if ( message == null ) {
         	message = "";
         }
         
         // ensure no CRLF injection into logs for forging records
         String clean = message.replace( '\n', '_' ).replace( '\r', '_' );
         if ( ESAPI.securityConfiguration().getLogEncodingRequired() ) {
         	clean = ESAPI.encoder().encodeForHTML(message);
             if (!message.equals(clean)) {
                 clean += " (Encoded)";
             }
         }

// log server, port, app name, module name -- server:80/app/module
StringBuilder appInfo = new StringBuilder();
if ( ESAPI.currentRequest() != null && logServerIP ) {
	appInfo.append( ESAPI.currentRequest().getLocalAddr() + ":" + ESAPI.currentRequest().getLocalPort() );
}
if ( logAppName ) {
	appInfo.append( "/" + applicationName );
}
appInfo.append( "/"  + moduleName );

//get the type text if it exists
String typeInfo = "";
if (type != null) {
	typeInfo += type + " ";
}

// log the message
jlogger.log(level, "[" + typeInfo + getUserInfo() + " -> " + appInfo + "] " + clean, throwable);
     }
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:53,代码来源:JavaLogFactory.java

示例2: log

import org.owasp.esapi.ESAPI; //导入方法依赖的package包/类
/**
 * Log the message after optionally encoding any special characters that might be dangerous when viewed
 * by an HTML based log viewer. Also encode any carriage returns and line feeds to prevent log
 * injection attacks. This logs all the supplied parameters plus the user ID, user's source IP, a logging
 * specific session ID, and the current date/time.
 *
 * It will only log the message if the current logging level is enabled, otherwise it will
 * discard the message.
 *
 * @param level defines the set of recognized logging levels (TRACE, INFO, DEBUG, WARNING, ERROR, FATAL)
 * @param type the type of the event (SECURITY SUCCESS, SECURITY FAILURE, EVENT SUCCESS, EVENT FAILURE)
 * @param message the message to be logged
 * @param throwable the {@code Throwable} from which to generate an exception stack trace.
 */
private void log(Level level, EventType type, String message, Throwable throwable) {

	// Check to see if we need to log.
	if (!isEnabledFor(level)) {
		return;
	}

	// ensure there's something to log
	if (message == null) {
		message = "";
	}

	// ensure no CRLF injection into logs for forging records
	String clean = message.replace('\n', '_').replace('\r', '_');
	if (ESAPI.securityConfiguration().getLogEncodingRequired()) {
		clean = ESAPI.encoder().encodeForHTML(message);
		if (!message.equals(clean)) {
			clean += " (Encoded)";
		}
	}

	// log server, port, app name, module name -- server:80/app/module
	StringBuilder appInfo = new StringBuilder();
	if (ESAPI.currentRequest() != null && logServerIP) {
		appInfo.append(ESAPI.currentRequest().getLocalAddr()).append(":").append(ESAPI.currentRequest().getLocalPort());
	}
	if (logAppName) {
		appInfo.append("/").append(applicationName);
	}
	appInfo.append("/").append(getName());

	//get the type text if it exists
	String typeInfo = "";
	if (type != null) {
		typeInfo += type + " ";
	}

	// log the message
	log(level, "[" + typeInfo + getUserInfo() + " -> " + appInfo + "] " + clean, throwable);
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:55,代码来源:Log4JLogger.java


注:本文中的org.owasp.esapi.ESAPI.currentRequest方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。