OWASP ESAPI Logger Java Example
Best Java code snippets using org.owasp.esapi.ESAPI (Showing top 20 results out of 315)
/**
 * Neutralises a value before it is written out (for example into a log entry).
 *
 * <p>A {@code null} argument is reported as the literal text {@code "NULL"}. For any other
 * value, every carriage return and line feed is replaced by an underscore, which keeps the
 * value on a single line, and the result is then HTML-encoded through the ESAPI encoder.
 *
 * @param string the raw value; may be {@code null}
 * @return {@code "NULL"} for a {@code null} argument, otherwise the single-line, HTML-encoded value
 */
public static String sanitize(String string) {
    if (string != null) {
        // Line breaks are removed first: a CR or LF inside the value would otherwise let it
        // begin what looks like a separate entry.
        // NOTE(review): only '\r' and '\n' are replaced here; whether other separators or
        // control characters matter depends on the sink that consumes the output - confirm.
        String singleLine = string.replace('\r', '_').replace('\n', '_');
        return ESAPI.encoder().encodeForHTML(singleLine);
    }
    return "NULL";
}
} // closing brace carried over from the snippet (presumably the enclosing class, whose header is not shown)
/**
 * Adds a cookie to the response by delegating to ESAPI's HTTP utilities instead of writing
 * the cookie to the response directly.
 *
 * @param arg0 the cookie to add
 */
@Override public void addCookie(Cookie arg0) {
    // `response` is declared outside this snippet.
    // NOTE(review): ESAPI's reference HTTPUtilities validates the cookie's fields and applies
    // the configured Secure/HttpOnly policy before emitting it - confirm for the configured
    // implementation.
    ESAPI. httpUtilities ().addCookie(response, arg0);
}
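/**
 * Rejects a redirect target unless it is the application root or passes ESAPI's redirect
 * validation.
 *
 * <p>If {@code url} begins with this request's own origin ({@code scheme://server}, with or
 * without {@code :port}), that prefix is removed and only the remainder is validated. The
 * prefix is removed only from the start of the URL and only when it is followed by the end of
 * the string or by {@code /}, {@code ?} or {@code #}. Removing the scheme, host and port
 * wherever they occur in the string would mean that the value being validated is not the
 * value the caller later redirects to. Any URL that does not start with the request's origin
 * is validated unchanged.
 *
 * <p>NOTE(review): {@code getServerName()} is typically derived from the request's Host
 * header. Where the deployment does not pin that header, compare against a configured origin
 * instead - confirm. The final decision also depends on the pattern configured for ESAPI
 * redirect validation.
 *
 * @param url the redirect target supplied to the application
 * @param request the current request, used to determine the application's own origin
 * @throws IOException with the message {@code "Redirect failed"} if {@code url} is
 *     {@code null} or is not accepted as a redirect location
 */
public static void validateUrl(String url, HttpServletRequest request) throws IOException {
    if (url == null) {
        // A missing target is treated as a failed validation rather than a NullPointerException.
        throw new IOException("Redirect failed");
    }

    String origin = request.getScheme() + "://" + request.getServerName();
    String originWithPort = origin + ":" + request.getServerPort();

    String relativeUrl = url;
    // Try the more specific prefix (with port) first.
    for (String prefix : new String[] {originWithPort, origin}) {
        if (url.startsWith(prefix)) {
            String rest = url.substring(prefix.length());
            // Only accept the match when the authority really ends here, so that a longer
            // host name or port that merely starts with ours is not treated as our origin.
            if (rest.isEmpty() || "/?#".indexOf(rest.charAt(0)) >= 0) {
                relativeUrl = rest;
                break;
            }
        }
    }

    if (!"/".equals(relativeUrl)
            && !ESAPI.validator().isValidRedirectLocation("Redirect", relativeUrl, false)) {
        throw new IOException("Redirect failed");
    }
}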
/**
 * Builds a short description of the current user, in the form
 * {@code accountName:sid@lastHostAddress}.
 *
 * <p>{@code sid} is a random number kept in the HTTP session under {@code "ESAPI_SESSION"};
 * it is generated on first use. It is not the container's session id - presumably so that the
 * real session id is never written out. If there is no current request or no existing
 * session, {@code sid} stays {@code null} and appears as the text {@code "null"}.
 *
 * <p>NOTE(review): the account name and host address are concatenated as-is; neutralise the
 * result before writing it to a log if the caller does not already do so.
 *
 * @return the description, or an empty string when no user is current
 */
public String getUserInfo() {
    String sid = null;
    HttpServletRequest request = ESAPI.httpUtilities().getCurrentRequest();
    // getSession(false): never create a session just to label it.
    HttpSession session = (request == null) ? null : request.getSession(false);
    if (session != null) {
        sid = (String) session.getAttribute("ESAPI_SESSION");
        if (sid == null) {
            sid = String.valueOf(ESAPI.randomizer().getRandomInteger(0, 1000000));
            session.setAttribute("ESAPI_SESSION", sid);
        }
    }

    User user = ESAPI.authenticator().getCurrentUser();
    if (user == null) {
        return "";
    }
    return user.getAccountName() + ":" + sid + "@" + user.getLastHostAddress();
}
/**
 * Reports whether {@code input} is acceptable as a redirect location.
 *
 * <p>Delegates to {@code isValidInput} with the validation type {@code "Redirect"} and a
 * maximum length read from the {@code HttpUtilities.maxRedirectLength} configuration property.
 * The check is therefore only as strict as the pattern configured for that type.
 *
 * @param context descriptive name of the value being checked, passed through to the validator
 * @param input the candidate redirect location
 * @param allowNull passed through to the validator
 * @param errors list handed to the validator for collecting validation errors
 * @return the validator's verdict
 * @throws IntrusionException propagated from the validator
 */
public boolean isValidRedirectLocation(String context, String input, boolean allowNull, ValidationErrorList errors) throws IntrusionException {
    int maxRedirectLength =
            ESAPI.securityConfiguration().getIntProp("HttpUtilities.maxRedirectLength");
    return ESAPI.validator().isValidInput(
            context, input, "Redirect", maxRedirectLength, allowNull, errors);
}
/**
 * Replaces this object's CSRF token with a newly generated one.
 *
 * <p>The token is 8 characters drawn from {@code EncoderConstants.CHAR_ALPHANUMERICS} by the
 * ESAPI randomizer.
 *
 * <p>NOTE(review): if that alphabet has 62 symbols, 8 characters is roughly 47 bits. Confirm
 * that this, and the strength of the configured randomizer, meet the application's
 * requirement for an anti-CSRF token.
 *
 * @return the token now stored in {@code csrfToken}
 * @throws AuthenticationException declared by the signature; nothing in this body throws it directly
 */
public String resetCSRFToken() throws AuthenticationException {
    String freshToken =
            ESAPI.randomizer().getRandomString(8, EncoderConstants.CHAR_ALPHANUMERICS);
    csrfToken = freshToken;
    return csrfToken;
}
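/**
 * Creates a user with the given account name (stored lower-cased) and a fresh, unused,
 * strictly positive random account id.
 *
 * <p>Candidate ids are drawn until one is positive and not already known to the authenticator.
 * The check is {@code > 0} rather than {@code != 0} because {@code Math.abs(Long.MIN_VALUE)}
 * is still {@code Long.MIN_VALUE}, so a non-zero test alone could let a negative id through.
 *
 * <p>NOTE(review): {@code toLowerCase()} uses the JVM's default locale, so the stored name can
 * differ between locales. Changing it here would have to be matched wherever account names
 * are looked up, so it is left as is.
 *
 * @param accountName the account name; must not be {@code null}
 */
public DefaultUser(String accountName) {
    this.accountName = accountName.toLowerCase();

    long candidate;
    do {
        candidate = Math.abs(ESAPI.randomizer().getRandomLong());
        // Reject zero and the Long.MIN_VALUE edge case before asking the authenticator.
    } while (candidate <= 0 || ESAPI.authenticator().getUser(candidate) != null);

    this.accountId = candidate;
}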
/**
 * Describes the current user as {@code accountName:sid@lastHostAddress}.
 *
 * <p>{@code sid} is a random label stored in the existing HTTP session under
 * {@code "ESAPI_SESSION"} and created the first time it is needed. It is not the container's
 * own session id. With no current request or no existing session, {@code sid} remains
 * {@code null} and shows up as {@code "null"} in the result.
 *
 * <p>NOTE(review): the returned text contains the account name and host address unencoded;
 * confirm the caller neutralises it before logging.
 *
 * @return the description, or an empty string when there is no current user
 */
public String getUserInfo() {
    String sid = null;

    HttpServletRequest request = ESAPI.httpUtilities().getCurrentRequest();
    if (request != null) {
        // Only an already existing session is labelled; none is created here.
        HttpSession session = request.getSession(false);
        if (session != null) {
            Object stored = session.getAttribute("ESAPI_SESSION");
            sid = (String) stored;
            if (sid == null) {
                int label = ESAPI.randomizer().getRandomInteger(0, 1000000);
                sid = Integer.toString(label);
                session.setAttribute("ESAPI_SESSION", sid);
            }
        }
    }

    User user = ESAPI.authenticator().getCurrentUser();
    StringBuilder userInfo = new StringBuilder();
    if (user != null) {
        userInfo.append(user.getAccountName())
                .append(":")
                .append(sid)
                .append("@")
                .append(user.getLastHostAddress());
    }
    return userInfo.toString();
}
/**
 * Returns {@code input} as validated by the {@code "Redirect"} validation type.
 *
 * <p>Delegates to {@code getValidInput}, limiting the length to the value of the
 * {@code HttpUtilities.maxRedirectLength} configuration property. What counts as a valid
 * redirect is decided by the pattern configured for that type.
 *
 * @param context descriptive name of the value being checked, passed through to the validator
 * @param input the candidate redirect location
 * @param allowNull passed through to the validator
 * @return whatever {@code getValidInput} returns for the input
 * @throws ValidationException propagated from the validator
 * @throws IntrusionException propagated from the validator
 */
public String getValidRedirectLocation(String context, String input, boolean allowNull) throws ValidationException, IntrusionException {
    int maxRedirectLength =
            ESAPI.securityConfiguration().getIntProp("HttpUtilities.maxRedirectLength");
    return ESAPI.validator().getValidInput(
            context, input, "Redirect", maxRedirectLength, allowNull);
}
/**
 * Generates a new CSRF token, stores it in {@code csrfToken} and returns it.
 *
 * <p>The token consists of 8 characters chosen by the ESAPI randomizer from
 * {@code EncoderConstants.CHAR_ALPHANUMERICS}.
 *
 * <p>NOTE(review): with a 62-symbol alphabet this is about 47 bits. Confirm the alphabet, the
 * randomizer's strength, and that the length suits the token's purpose.
 *
 * @return the newly stored token
 * @throws AuthenticationException declared by the signature; not thrown directly by this body
 */
public String resetCSRFToken() throws AuthenticationException {
    final int tokenLength = 8;
    csrfToken = ESAPI.randomizer()
            .getRandomString(tokenLength, EncoderConstants.CHAR_ALPHANUMERICS);
    return csrfToken;
}
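/**
 * Creates a user whose account name is the lower-cased argument and whose account id is a
 * random, strictly positive value not yet used by any user known to the authenticator.
 *
 * <p>{@code Math.abs} cannot make {@code Long.MIN_VALUE} positive, so candidates are required
 * to be {@code > 0}. A plain non-zero test would accept that one negative value.
 *
 * <p>NOTE(review): {@code toLowerCase()} depends on the default locale. Any change to it needs
 * to be coordinated with the code that looks account names up, so it is not altered here.
 *
 * @param accountName the account name; must not be {@code null}
 */
public DefaultUser(String accountName) {
    this.accountName = accountName.toLowerCase();

    while (true) {
        long id = Math.abs(ESAPI.randomizer().getRandomLong());
        if (id <= 0) {
            // Zero, or Long.MIN_VALUE surviving Math.abs: draw again.
            continue;
        }
        if (ESAPI.authenticator().getUser(id) == null) {
            this.accountId = id;
            break;
        }
    }
}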
/**
 * Creates a validator whose {@code encoder} field is the instance returned by
 * {@code ESAPI.encoder()}.
 */
public DefaultValidator() {
    // Obtained through the ESAPI accessor rather than constructed here, so the validator
    // shares whatever encoder ESAPI hands out.
    this .encoder = ESAPI. encoder ();
}
/**
 * Adds a response header by delegating to ESAPI's HTTP utilities instead of setting it on the
 * response directly.
 *
 * @param arg0 the header name
 * @param arg1 the header value
 */
@Override public void addHeader(String arg0, String arg1) {
    // `response` is declared outside this snippet.
    // NOTE(review): ESAPI's reference HTTPUtilities validates the header name and value before
    // adding them, which is what guards against injected line breaks - confirm for the
    // configured implementation.
    ESAPI. httpUtilities ().addHeader(response, arg0, arg1);
}
/**
 * Returns {@code accountName:sid@lastHostAddress} for the current user.
 *
 * <p>{@code sid} is a random number remembered in the HTTP session attribute
 * {@code "ESAPI_SESSION"}; a new one is drawn when the attribute is absent. The container's
 * session id itself is not used. When no request or no existing session is available,
 * {@code sid} is {@code null} and is rendered as {@code "null"}.
 *
 * <p>NOTE(review): the account name and host address are included verbatim; confirm the value
 * is neutralised before it reaches a log.
 *
 * @return the description, or an empty string if no user is current
 */
public String getUserInfo() {
    HttpServletRequest request = ESAPI.httpUtilities().getCurrentRequest();

    String sid = null;
    if (request != null) {
        // Look up the session without creating one.
        HttpSession session = request.getSession(false);
        if (session != null) {
            sid = (String) session.getAttribute("ESAPI_SESSION");
            boolean labelMissing = (sid == null);
            if (labelMissing) {
                sid = "" + ESAPI.randomizer().getRandomInteger(0, 1000000);
                session.setAttribute("ESAPI_SESSION", sid);
            }
        }
    }

    User user = ESAPI.authenticator().getCurrentUser();
    return (user == null)
            ? ""
            : user.getAccountName() + ":" + sid + "@" + user.getLastHostAddress();
}
/**
 * Reports whether {@code input} is acceptable as a redirect location.
 *
 * <p>Delegates to {@code isValidInput} with the validation type {@code "Redirect"}. In this
 * variant the maximum length is fixed at 512 rather than read from configuration. The result
 * is only as strict as the pattern configured for that type.
 *
 * @param context descriptive name of the value being checked, passed through to the validator
 * @param input the candidate redirect location
 * @param allowNull passed through to the validator
 * @param errors list handed to the validator for collecting validation errors
 * @return the validator's verdict
 * @throws IntrusionException propagated from the validator
 */
public boolean isValidRedirectLocation(String context, String input, boolean allowNull, ValidationErrorList errors) throws IntrusionException {
    final int maxRedirectLength = 512;
    return ESAPI.validator().isValidInput(
            context, input, "Redirect", maxRedirectLength, allowNull, errors);
}
/**
 * Reports whether {@code input} is acceptable as a redirect location.
 *
 * <p>Delegates to {@code isValidInput} with the validation type {@code "Redirect"} and the
 * maximum length taken from the {@code HttpUtilities.maxRedirectLength} configuration
 * property. The outcome depends on the pattern configured for that type.
 *
 * @param context descriptive name of the value being checked, passed through to the validator
 * @param input the candidate redirect location
 * @param allowNull passed through to the validator
 * @return the validator's verdict
 * @throws IntrusionException propagated from the validator
 */
public boolean isValidRedirectLocation(String context, String input, boolean allowNull) throws IntrusionException {
    int maxRedirectLength =
            ESAPI.securityConfiguration().getIntProp("HttpUtilities.maxRedirectLength");
    return ESAPI.validator().isValidInput(
            context, input, "Redirect", maxRedirectLength, allowNull);
}
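/**
 * Returns the XSRF token stored in the caller's existing HTTP session, creating and storing
 * one first if the session has none.
 *
 * <p>The session is looked up with {@code getSession(false)}, so this method never creates a
 * session. If there is none, an {@link IOException} is thrown instead of failing with a
 * {@code NullPointerException} on the first use of the session.
 *
 * <p>A new token is the decimal form of a {@code long} built from the current time, a random
 * {@code long} from the ESAPI randomizer, and a position-weighted sum of the session id's
 * characters. It can therefore be negative and start with {@code '-'}.
 *
 * <p>NOTE(review): the time and the session id are not secret from the client, so the token's
 * unpredictability rests on {@code getRandomLong()} alone. Confirm the configured randomizer
 * is cryptographically strong and that a 64-bit value is enough here. Two concurrent requests
 * on a session without a token may also each generate one - confirm whether that matters to
 * callers.
 *
 * @param request the current request; its existing session holds the token
 * @return the session's XSRF token
 * @throws IOException if the request has no session
 */
public static String createXSRFToken(final HttpServletRequest request) throws IOException {
    HttpSession session = request.getSession(false);
    if (session == null) {
        throw new IOException("No HTTP session available for XSRF token");
    }

    String xsrfSessionToken = (String) session.getAttribute(XSRF_TOKEN_NAME);
    if (xsrfSessionToken == null) {
        long value = System.currentTimeMillis() + ESAPI.randomizer().getRandomLong();
        char[] ids = session.getId().toCharArray();
        for (int i = 0; i < ids.length; i++) {
            // Weight each character by its 1-based position; overflow simply wraps.
            value += ids[i] * (i + 1);
        }
        xsrfSessionToken = Long.toString(value);
        session.setAttribute(XSRF_TOKEN_NAME, xsrfSessionToken);
    }
    return xsrfSessionToken;
}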
/**
 * Creates a validator and sets its {@code encoder} field to the instance returned by
 * {@code ESAPI.encoder()}.
 */
public DefaultValidator() {
    // The encoder comes from the ESAPI accessor; nothing is constructed locally.
    this .encoder = ESAPI. encoder ();
}
Source: https://www.tabnine.com/code/java/classes/org.owasp.esapi.ESAPI