

Java Policy.getInstance方法代码示例

本文整理汇总了Java中org.owasp.validator.html.Policy.getInstance方法的典型用法代码示例。如果您正苦于以下问题:Java Policy.getInstance方法的具体用法?Java Policy.getInstance怎么用?Java Policy.getInstance使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.owasp.validator.html.Policy的用法示例。


在下文中一共展示了Policy.getInstance方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: XSSSanitize

import org.owasp.validator.html.Policy; //导入方法依赖的package包/类
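/**
 * Cleans an HTML fragment with AntiSamy, using the policy file selected by {@code policyString}.
 *
 * <p>The policy file is looked up as
 * {@code <resourcesPath>/communitycommons/antisamy/antisamy-<policyString>-1.4.4.xml}.
 *
 * @param html the markup to clean; {@code null} is returned as an empty string
 * @param policyString the policy name that is inserted into the policy file name
 * @return the cleaned HTML produced by the AntiSamy scan
 * @throws Exception if {@code policyString} is null or contains path characters, if the policy
 *         file cannot be loaded, or if the scan fails
 */
public static String XSSSanitize(String html, String policyString)
		throws Exception {
	if (html == null)
		return "";
	if (policyString == null)
		throw new Exception("Unable to perform XSS sanitization: policyString is null");
	// The policy name becomes part of a file path. Refuse separators and parent-directory
	// sequences so the name cannot select an XML file outside the antisamy directory.
	// NOTE(review): where policyString comes from is not visible here; confirm against callers.
	if (policyString.contains("/") || policyString.contains("\\") || policyString.contains(".."))
		throw new Exception("Unable to perform XSS sanitization: invalid policy name");

	String filename = Core.getConfiguration().getResourcesPath() + File.separator
			+ "communitycommons" + File.separator + "antisamy"
			+ File.separator + "antisamy-" + policyString + "-1.4.4.xml";

	AntiSamy as = new AntiSamy(); // Create AntiSamy object
	// A policy that fails to load propagates its exception unwrapped; only scan failures
	// are rewrapped below.
	Policy p = Policy.getInstance(filename);
	try {
		CleanResults cr = as.scan(html, p, AntiSamy.SAX);
		return cr.getCleanHTML();
	} catch (Exception e) {
		// Fail closed: the caller gets an exception, never the unsanitized input.
		throw new Exception("Unable to perform XSS sanitization: "
				+ e.getMessage(), e);
	}
}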
 
开发者ID:appronto,项目名称:RedisConnector,代码行数:22,代码来源:StringUtils.java

示例2: XSSSanitize

import org.owasp.validator.html.Policy; //导入方法依赖的package包/类
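/**
 * Runs AntiSamy over an HTML fragment with the named policy and returns the cleaned markup.
 *
 * <p>The policy is read from
 * {@code <resourcesPath>/communitycommons/antisamy/antisamy-<policyString>-1.4.4.xml}.
 *
 * @param html the markup to clean; a {@code null} value yields {@code ""}
 * @param policyString the policy name used to build the policy file name
 * @return the HTML that AntiSamy reports as clean
 * @throws Exception if {@code policyString} is null or is not a plain name, if the policy file
 *         cannot be loaded, or if scanning fails
 */
public static String XSSSanitize(String html, String policyString)
		throws Exception {
	if (html == null)
		return "";
	if (policyString == null)
		throw new Exception("Unable to perform XSS sanitization: policyString is null");
	// policyString is concatenated into a file-system path below, so it must be a plain name:
	// path separators or ".." would let it point at an XML file outside the antisamy directory.
	// NOTE(review): the origin of policyString is not shown in this snippet; verify the callers.
	boolean plainName = !policyString.contains("/")
			&& !policyString.contains("\\")
			&& !policyString.contains("..");
	if (!plainName)
		throw new Exception("Unable to perform XSS sanitization: invalid policy name");

	String filename = Core.getConfiguration().getResourcesPath() + File.separator
			+ "communitycommons" + File.separator + "antisamy"
			+ File.separator + "antisamy-" + policyString + "-1.4.4.xml";

	AntiSamy as = new AntiSamy(); // Create AntiSamy object
	// Loading sits outside the try block, so a policy failure is thrown as-is.
	Policy p = Policy.getInstance(filename);
	try {
		CleanResults cr = as.scan(html, p, AntiSamy.SAX);
		return cr.getCleanHTML();
	} catch (Exception e) {
		// A failed scan raises an exception; the original html is never returned as a fallback.
		throw new Exception("Unable to perform XSS sanitization: "
				+ e.getMessage(), e);
	}
}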
 
开发者ID:mendix,项目名称:CommunityCommons,代码行数:22,代码来源:StringUtils.java

示例3: AntiSamyFilter

import org.owasp.validator.html.Policy; //导入方法依赖的package包/类
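/**
 * Creates the filter and loads its AntiSamy policy from the classpath resource
 * {@code /antisamy/antisamy-ebay.xml}.
 *
 * @throws IllegalStateException if the policy resource is missing or cannot be parsed
 */
public AntiSamyFilter() {
    InputStream is = this.getClass().getResourceAsStream("/antisamy/antisamy-ebay.xml");
    if (is == null) {
        // getResourceAsStream returns null for a missing resource. Fail closed with a clear
        // message instead of handing a null stream to the policy parser.
        throw new IllegalStateException("AntiSamy policy /antisamy/antisamy-ebay.xml was not found on the classpath");
    }
    try {
        Policy policy = Policy.getInstance(is);
        antiSamy = new AntiSamy(policy);
    } catch (PolicyException e) {
        throw new IllegalStateException(e.getMessage(), e);
    } finally {
        // The stream is only needed while the policy is parsed; release it either way.
        try {
            is.close();
        } catch (java.io.IOException ignored) {
            // Nothing useful to do: the policy was already read, or loading already failed.
        }
    }
}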
 
开发者ID:simbest,项目名称:simbest-cores,代码行数:10,代码来源:AntiSamyFilter.java

示例4: getAntiSamyPolicy

import org.owasp.validator.html.Policy; //导入方法依赖的package包/类
/**
 * Loads the AntiSamy policy stored at the given location.
 *
 * <p>The location string is turned into a {@link URL} that uses this project's {@code Handler}
 * as its stream handler, and the policy is read from that URL.
 *
 * @param policyFileLocation location of the policy file, in a form the {@code Handler} understands
 * @return the parsed policy
 * @throws RuntimeException if the URL cannot be built or the policy cannot be loaded; the message
 *         is "Unable to create URL" in both cases
 */
private static Policy getAntiSamyPolicy(String policyFileLocation) {
    // NOTE(review): this string decides which sanitizer policy is applied; it presumably comes
    // from deployment configuration rather than request data. Confirm against the caller.
    final Policy loadedPolicy;
    try {
        final URL policyUrl = new URL(null, policyFileLocation, new Handler());
        loadedPolicy = Policy.getInstance(policyUrl);
    } catch (Exception cause) {
        throw new RuntimeException("Unable to create URL", cause);
    }
    return loadedPolicy;
}
 
开发者ID:passion1014,项目名称:metaworks_framework,代码行数:9,代码来源:ExploitProtectionServiceImpl.java

示例5: getPolicy

import org.owasp.validator.html.Policy; //导入方法依赖的package包/类
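/**
 * Returns the AntiSamy policy, loading it from {@code /antisamy/spark-antisamy.xml} on first use
 * and keeping it in the {@code policy} field for later calls.
 *
 * <p>NOTE(review): the lazy initialisation is not synchronized. Concurrent first calls may each
 * parse the file; confirm whether that matters for the callers.
 *
 * @return the loaded policy
 * @throws PolicyException if the policy file cannot be parsed
 * @throws ServiceException if the policy file is not present on the classpath
 */
public static Policy getPolicy() throws PolicyException, ServiceException {
    if (policy == null) {
        // A freshly constructed object is never null, so only exists() needs checking.
        ClassPathResource classPathResource = new ClassPathResource("/antisamy/spark-antisamy.xml");
        if (!classPathResource.exists()) {
            throw new ServiceException("spark-antisamy.xml is not exists!");
        }
        InputStream policyFile = XssClean.class.getResourceAsStream("/antisamy/spark-antisamy.xml");
        if (policyFile == null) {
            // Fail closed: without the policy file no sanitizer policy is handed out.
            throw new ServiceException("spark-antisamy.xml is not exists!");
        }
        try {
            policy = Policy.getInstance(policyFile);
        } finally {
            // The stream is only needed during parsing; close it whether or not parsing worked.
            try {
                policyFile.close();
            } catch (java.io.IOException ignored) {
                // A close failure does not affect the already-parsed policy.
            }
        }
    }
    return policy;
}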
 
开发者ID:wanghuizi,项目名称:fengduo,代码行数:15,代码来源:XssClean.java

示例6: afterPropertiesSet

import org.owasp.validator.html.Policy; //导入方法依赖的package包/类
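/**
 * Loads the AntiSamy policy from {@code policyFile} and stores it in the {@code policy} field.
 *
 * @throws Exception if the policy stream cannot be opened, parsed or closed
 */
public void afterPropertiesSet() throws Exception {
	// NOTE(review): policyFile is presumably an injected resource; confirm it points at a
	// trusted, deployment-controlled policy file.
	java.io.InputStream policyStream = policyFile.getInputStream();
	try {
		policy = Policy.getInstance(policyStream);
	} finally {
		// The stream is only needed while the policy is parsed.
		policyStream.close();
	}
}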
 
开发者ID:RBGKew,项目名称:eMonocot,代码行数:4,代码来源:HtmlSanitizer.java

示例7: createPost

import org.owasp.validator.html.Policy; //导入方法依赖的package包/类
/**
 * creates a new survey definition
 * @param proceed
 * @param surveyDefinition
 * @param bindingResult
 * @param uiModel
 * @param httpServletRequest
 * @param principal
 * @return
 */
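@Secured({"ROLE_ADMIN","ROLE_SURVEY_ADMIN"})
@RequestMapping(method = RequestMethod.POST, produces = "text/html")
public String createPost (@RequestParam(value = "_proceed", required = false) String proceed,
						  @Valid SurveyDefinition surveyDefinition, 
						  BindingResult bindingResult, 
						  Principal principal,
						  Model uiModel, 
						  HttpServletRequest httpServletRequest){
	// Handles the POST that creates a survey definition: checks the caller's authorization,
	// validates the form, cleans both HTML templates with AntiSamy and then merges the definition.
	// Returns a view name or a redirect; any exception is logged and rethrown as RuntimeException.
	try {
		String login = principal.getName();
		User user = userService.user_findByLogin(login);
		// Access is refused only when BOTH checks fail: the user is neither in the survey's
		// department nor authorized to manage this survey.
		if(!securityService.userBelongsToDepartment(surveyDefinition.getDepartment().getId(), user) &&
			!securityService.userIsAuthorizedToManageSurvey(surveyDefinition.getId(), user)	) {
			// Audit entry: record the caller's address. getLocalAddr() is the address of the
			// server interface that received the request, so it says nothing about the client.
			// Behind a reverse proxy getRemoteAddr() is the proxy's address.
			// NOTE(review): path and login are request-derived and logged as-is; consider
			// neutralising CR/LF if the log format is line-based.
			log.warn("Unauthorized access to url path " + httpServletRequest.getPathInfo() + " attempted by user login:" + login + " from IP:" + httpServletRequest.getRemoteAddr());
			return "accessDenied";	
		}

		if(proceed != null){
			if (bindingResult.hasErrors()) {
				populateEditForm(uiModel, surveyDefinition, user);
				return "settings/surveyDefinitions/create";
			}	
			if (!surveySettingsService.surveyDefinition_ValidateNameIsUnique(surveyDefinition)) {
				bindingResult.rejectValue("name", "field_unique");
				populateEditForm(uiModel, surveyDefinition, user);
				return "settings/surveyDefinitions/create";
			}

			// Both HTML templates are cleaned with AntiSamy before the definition is merged.
			// The same policy file applies to both, so it is loaded once and reused.
			Policy templatePolicy = Policy.getInstance(this.getClass().getResource(POLICY_FILE_LOCATION));
			AntiSamy templateScanner = new AntiSamy();

			CleanResults crEmail = templateScanner.scan(surveyDefinition.getEmailInvitationTemplate(), templatePolicy);
			surveyDefinition.setEmailInvitationTemplate(crEmail.getCleanHTML());

			CleanResults crCompletedSurvey = templateScanner.scan(surveyDefinition.getCompletedSurveyTemplate(), templatePolicy);
			surveyDefinition.setCompletedSurveyTemplate(crCompletedSurvey.getCleanHTML());

			uiModel.asMap().clear();
			surveyDefinition = surveySettingsService.surveyDefinition_merge(surveyDefinition);
			return "redirect:/settings/surveyDefinitions/" + encodeUrlPathSegment(surveyDefinition.getId().toString(), httpServletRequest );
		}
		else{
			return "redirect:/settings/surveyDefinitions";
		}
	}

	catch (Exception e) {
		// A failed policy load or scan lands here, so an unsanitized template is never merged.
		log.error(e.getMessage(),e);
		throw (new RuntimeException(e));
	}
}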
 
开发者ID:JD-Software,项目名称:JDeSurvey,代码行数:72,代码来源:SurveyDefinitionController.java

示例8: update

import org.owasp.validator.html.Policy; //导入方法依赖的package包/类
/**
 * Updates a survey definition   
 * @param proceed
 * @param surveyDefinition
 * @param bindingResult
 * @param uiModel
 * @param httpServletRequest
 * @param principal
 * @return
 */
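@Secured({"ROLE_ADMIN","ROLE_SURVEY_ADMIN"})
@RequestMapping(method = RequestMethod.PUT, produces = "text/html")
public String update(@RequestParam(value = "_proceed", required = false) String proceed,
					 @Valid SurveyDefinition surveyDefinition, 
					 BindingResult bindingResult,
					 Principal principal,
					 Model uiModel, 
					 HttpServletRequest httpServletRequest) {
	// Handles the PUT that updates a survey definition: checks the caller's authorization,
	// validates the form, cleans both HTML templates with AntiSamy and then merges the definition.
	// Returns a view name or a redirect; any exception is logged and rethrown as RuntimeException.
	try{
		String login = principal.getName();
		User user = userService.user_findByLogin(login);
		// Access is refused only when BOTH checks fail: the user is neither authorized to
		// manage this survey nor a member of its department.
		if(!securityService.userIsAuthorizedToManageSurvey(surveyDefinition.getId(), user) &&
		   !securityService.userBelongsToDepartment(surveyDefinition.getDepartment().getId(), user)	) {
			// Audit entry: record the caller's address. getLocalAddr() is the address of the
			// server interface that received the request, so it says nothing about the client.
			// Behind a reverse proxy getRemoteAddr() is the proxy's address.
			// NOTE(review): path and login are request-derived and logged as-is; consider
			// neutralising CR/LF if the log format is line-based.
			log.warn("Unauthorized access to url path " + httpServletRequest.getPathInfo() + " attempted by user login:" + login + " from IP:" + httpServletRequest.getRemoteAddr());
			return "accessDenied";	
		}
		
		if(proceed != null){
			if (bindingResult.hasErrors()) {
				populateEditForm(uiModel, surveyDefinition, user);
				return "settings/surveyDefinitions/update";
			}
			if (!surveySettingsService.surveyDefinition_ValidateNameIsUnique(surveyDefinition)) {
				bindingResult.rejectValue("name", "field_unique");
				populateEditForm(uiModel, surveyDefinition, user);
				return "settings/surveyDefinitions/update";
			}
			// Diagnostics go through the logger at debug level rather than to stdout.
			log.debug("Survey definition flags before merge: allowMultipleSubmissions=" + surveyDefinition.getAllowMultipleSubmissions() + ", isPublic=" + surveyDefinition.getIsPublic());

			// Both HTML templates are cleaned with AntiSamy before the definition is merged.
			// The same policy file applies to both, so it is loaded once and reused.
			Policy templatePolicy = Policy.getInstance(this.getClass().getResource(POLICY_FILE_LOCATION));
			AntiSamy templateScanner = new AntiSamy();

			CleanResults crEmail = templateScanner.scan(surveyDefinition.getEmailInvitationTemplate(), templatePolicy);
			surveyDefinition.setEmailInvitationTemplate(crEmail.getCleanHTML());

			CleanResults crCompletedSurvey = templateScanner.scan(surveyDefinition.getCompletedSurveyTemplate(), templatePolicy);
			surveyDefinition.setCompletedSurveyTemplate(crCompletedSurvey.getCleanHTML());

			uiModel.asMap().clear();
			surveyDefinition = surveySettingsService.surveyDefinition_merge(surveyDefinition);
			log.debug("Survey definition flags after merge: allowMultipleSubmissions=" + surveyDefinition.getAllowMultipleSubmissions() + ", isPublic=" + surveyDefinition.getIsPublic());
			return "settings/surveyDefinitions/saved";

		}else{
			return "redirect:/settings/surveyDefinitions/" + encodeUrlPathSegment(surveyDefinition.getId().toString(), httpServletRequest);
		}
	} catch (Exception e) {
		// A failed policy load or scan lands here, so an unsanitized template is never merged.
		log.error(e.getMessage(),e);
		throw (new RuntimeException(e));
	}
}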
 
开发者ID:JD-Software,项目名称:JDeSurvey,代码行数:67,代码来源:SurveyDefinitionController.java


注:本文中的org.owasp.validator.html.Policy.getInstance方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。