Overview  Package   Class  Tree  Deprecated  Index  Help 
Apache Tomcat 7.0.28
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.jasper.security
Class SecurityUtil

java.lang.Object
  extended by org.apache.jasper.security.SecurityUtil

public final class SecurityUtil
extends Object

Util class for Security related operations.

Author:
Jean-Francois Arcand

Constructor Summary
SecurityUtil()
           
 
Method Summary
static String filter(String message)
          Filter the specified message string for characters that are sensitive in HTML.
static boolean isPackageProtectionEnabled()
          Return the SecurityManager only if Security is enabled AND package protection mechanism is enabled.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurityUtil

public SecurityUtil()
Method Detail

isPackageProtectionEnabled

public static boolean isPackageProtectionEnabled()
Return the SecurityManager only if Security is enabled AND package protection mechanism is enabled.

filter

public static String filter(String message)
Filter the specified message string for characters that are sensitive in HTML. This avoids potential attacks caused by including JavaScript codes in the request URL that is often reported in error messages.

Parameters:
message - The message string to be filtered
Overview  Package   Class  Tree  Deprecated  Index  Help 
Apache Tomcat 7.0.28
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2000-2012 Apache Software Foundation. All Rights Reserved.