• Home
• com.adobe.aem
• uber-jar
• 6.4.4
• source code
• ProtectionContext.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.day.cq.xss.ProtectionContext Maven / Gradle / Ivy

/*************************************************************************
 *
 * ADOBE CONFIDENTIAL
 * __________________
 *
 *  Copyright 2011 Adobe Systems Incorporated
 *  All Rights Reserved.
 *
 * NOTICE:  All information contained herein is, and remains
 * the property of Adobe Systems Incorporated and its suppliers,
 * if any.  The intellectual and technical concepts contained
 * herein are proprietary to Adobe Systems Incorporated and its
 * suppliers and are protected by trade secret or copyright law.
 * Dissemination of this information or reproduction of this material
 * is strictly forbidden unless prior written permission is obtained
 * from Adobe Systems Incorporated.
 **************************************************************************/
package com.day.cq.xss;

/**
 * This enumeration defines the context for executing XSS protection.
 * 

 * The specified rules refer to
 * http://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
 *
 * @since 5.4
 * @deprecated
 */
public enum ProtectionContext {

    /*
     * Escape plain text for use inside a HTML attribute (rule #2)
     */
    // PLAIN_HTML_ATTRIBUTE("plainToHtmlAttribute"),

    /*
     * Escape plain text for use inside a JavaScript String (rule #3)
     */
    // PLAIN_JS_STRING("plainToJSString"),

    /**
     * Escape HTML for use inside element content (rules #6 and - to some degree - #1),
     * using a policy to remove potentially malicous HTML
     */
    HTML_HTML_CONTENT("htmlToHtmlContent"),

    /**
     * Escape plain text for use inside HTML content (rule #1)
     */
    PLAIN_HTML_CONTENT("plainToHtmlContent");

    /**
     * The name of the protection context (used by the taglib)
     */
    private String name;

    private ProtectionContext(String name) {
        this.name = name;
    }

    /**
     * Gets the name of the protection context.
     *
     * @return The name of the protection context
     */
    public String getName() {
        return this.name;
    }

    /**
     * Gets a protection context from the specified name.
     *
     * @param name The name to get the protection context from
     * @return The protection context; null if an invalid protection context
     *         has been specified
     */
    public static ProtectionContext fromName(String name) {
        ProtectionContext[] values = values();
        for (ProtectionContext contextToCheck : values) {
            if (contextToCheck.getName().equals(name)) {
                return contextToCheck;
            }
        }
        return null;
    }

}