All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.sling.xss.ProtectionContext Maven / Gradle / Ivy

There is a newer version: 2024.11.18751.20241128T090041Z-241100
Show newest version
/*******************************************************************************
 * Licensed to the Apache Software Foundation (ASF) under one or
 * more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information regarding
 * copyright ownership. The ASF licenses this file to you under the
 * Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain
 * a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0 Unless required by
 * applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 ******************************************************************************/
package org.apache.sling.xss;


/**
 * This enumeration defines the context for executing XSS protection.
 * 

* The specified rules refer to * http://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet */ public enum ProtectionContext { /** * Escape HTML for use inside element content (rules #6 and - to some degree - #1), * using a policy to remove potentially malicous HTML */ HTML_HTML_CONTENT("htmlToHtmlContent"), /** * Escape plain text for use inside HTML content (rule #1) */ PLAIN_HTML_CONTENT("plainToHtmlContent"); /** * The name of the protection context */ private final String name; private ProtectionContext(String name) { this.name = name; } /** * Gets the name of the protection context. * * @return The name of the protection context */ public String getName() { return this.name; } /** * Gets a protection context from the specified name. * * @param name The name to get the protection context from * @return The protection context; null if an invalid protection context * has been specified */ public static ProtectionContext fromName(String name) { ProtectionContext[] values = values(); for (ProtectionContext contextToCheck : values) { if (contextToCheck.getName().equals(name)) { return contextToCheck; } } return null; } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy