Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

info.magnolia.util
Class EscapeUtil

java.lang.Object
  extended by info.magnolia.util.EscapeUtil

public final class EscapeUtil
extends Object

Utilities to escaping characters for preventing XSS attack.

This class escapes only & (&), "("), <(<), >(>) and '(') characters. Others characters are left untouched. See rule #1 at XSS_Prevention_Rules.

Use when StringEscapeUtils cannot be used because of escaping more or less character entities.

Method Summary
static String escapeXss(String str)
           
static String[] escapeXss(String[] str)
           
static String unescapeXss(String str)
           
static String[] unescapeXss(String[] str)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

escapeXss

public static String escapeXss(String str)

unescapeXss

public static String unescapeXss(String str)

escapeXss

public static String[] escapeXss(String[] str)

unescapeXss

public static String[] unescapeXss(String[] str)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2003-2014 Magnolia International Ltd.. All Rights Reserved.