Class HTMLValidationRule
- java.lang.Object
-
- org.owasp.esapi.reference.validation.BaseValidationRule
-
- org.owasp.esapi.reference.validation.StringValidationRule
-
- org.owasp.esapi.reference.validation.HTMLValidationRule
-
- All Implemented Interfaces:
ValidationRule
public class HTMLValidationRule extends StringValidationRule
A validator performs syntax and possibly semantic validation of a single piece of data from an untrusted source.- Since:
- June 1, 2007
- Author:
- Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security
- See Also:
Validator
-
-
Field Summary
-
Fields inherited from class org.owasp.esapi.reference.validation.StringValidationRule
blacklistPatterns, maxLength, minLength, validateInputAndCanonical, whitelistPatterns
-
Fields inherited from class org.owasp.esapi.reference.validation.BaseValidationRule
allowNull, encoder
-
-
Constructor Summary
Constructors Constructor Description HTMLValidationRule(java.lang.String typeName)
HTMLValidationRule(java.lang.String typeName, Encoder encoder)
HTMLValidationRule(java.lang.String typeName, Encoder encoder, java.lang.String whitelistPattern)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
getValid(java.lang.String context, java.lang.String input)
Parse the input, throw exceptions if validation failsjava.lang.String
sanitize(java.lang.String context, java.lang.String input)
The method is similar to ValidationRuile.getSafe except that it returns a harmless object that may or may not have any similarity to the original input (in some cases you may not care).-
Methods inherited from class org.owasp.esapi.reference.validation.StringValidationRule
addBlacklistPattern, addBlacklistPattern, addWhitelistPattern, addWhitelistPattern, setMaximumLength, setMinimumLength, setValidateInputAndCanonical
-
Methods inherited from class org.owasp.esapi.reference.validation.BaseValidationRule
assertValid, charArrayToSet, getEncoder, getSafe, getTypeName, getValid, isAllowNull, isValid, setAllowNull, setEncoder, setTypeName, whitelist, whitelist
-
-
-
-
Constructor Detail
-
HTMLValidationRule
public HTMLValidationRule(java.lang.String typeName)
-
HTMLValidationRule
public HTMLValidationRule(java.lang.String typeName, Encoder encoder)
-
HTMLValidationRule
public HTMLValidationRule(java.lang.String typeName, Encoder encoder, java.lang.String whitelistPattern)
-
-
Method Detail
-
getValid
public java.lang.String getValid(java.lang.String context, java.lang.String input) throws ValidationException
Parse the input, throw exceptions if validation fails- Specified by:
getValid
in interfaceValidationRule
- Overrides:
getValid
in classStringValidationRule
- Parameters:
context
- for logginginput
- the value to be parsed- Returns:
- a validated value
- Throws:
ValidationException
- if any validation rules fail
-
sanitize
public java.lang.String sanitize(java.lang.String context, java.lang.String input)
The method is similar to ValidationRuile.getSafe except that it returns a harmless object that may or may not have any similarity to the original input (in some cases you may not care). In most cases this should be the same as the getSafe method only instead of throwing an exception, return some default value.- Overrides:
sanitize
in classStringValidationRule
- Returns:
- a parsed version of the input or a default value.
-
-