Add Source Code Linter Pipeline
parent
0d0e7140c4
commit
d252f6ef50
313 changed files with 36277 additions and 0 deletions
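--- a/screwdriver-3.5.6/box/snippets/java/HttpRequestWrapper.java
+++ b/screwdriver-3.5.6/box/snippets/java/HttpRequestWrapper.java
@@ -0,0 +1,83 @@
+package +zoccolo+.web.servlet;
+
+import +zoccolo+.web.listener.AntiSamyListener;
+
+import +zoccolo+.web.sanitizer.XssSanitizer;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+
+import org.owasp.validator.html.CleanResults;
+import org.owasp.validator.html.PolicyException;
+import org.owasp.validator.html.ScanException;
+
+public class HttpRequestWrapper extends HttpServletRequestWrapper {
+
+private XssSanitizer sanitizer;
+
+public HttpRequestWrapper(HttpServletRequest servletRequest) {
+super(servletRequest);
+this.sanitizer = (XssSanitizer)
+this.getSession().getServletContext().
+getAttribute(AntiSamyListener.ANTISAMY_SANITIZER);
+if(this.sanitizer == null)
+throw new RuntimeException("Antisamy is not bound in ServletContext");
+}
+
+@Override
+public String[] getParameterValues(String parameter) {
+String[] retVal = null;
+String[] values = super.getParameterValues(parameter);
+if(values != null)
+{
+retVal = new String[values.length];
+for(int i = 0; i < values.length; i++)
+{
+if(values[i] != null)
+retVal[i] = this.cleanXss(values[i]);
+else
+retVal[i] = values[i];
+}
+}
+return retVal;
+}
+
+@Override
+public String getParameter(String parameter) {
+String paramValue = super.getParameter(parameter);
+if(paramValue != null)
+return this.cleanXss(paramValue);
+else
+return null;
+}
+
+@Override
+public String getHeader(String name) {
+String value = super.getHeader(name);
+if(value != null)
+return this.cleanXss(value);
+else
+return null;
+}
+
+private String cleanXss(String parameterValue){
+String retVal = null;
+if(parameterValue != null) {
+try
+{
+CleanResults cr = this.sanitizer.scan(parameterValue);
+retVal = cr.getCleanHTML();
+}
+catch (ScanException e)
+{
+throw new RuntimeException("ScanException: "+e.getMessage());
+}
+catch (PolicyException e)
+{
+throw new RuntimeException("ScanException: "+e.getMessage());
+}
+}
+return retVal;
+}
+/* screwdriver_knife */
+}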
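Review bot: Only `getParameter`, `getParameterValues` and `getHeader` are overridden, so code that reads input through `getParameterMap()`, `getHeaders()`, `getQueryString()`, `getCookies()` or the request body still receives values that never passed through `cleanXss`; a framework that binds from the parameter map would bypass the AntiSamy scan altogether. At minimum add a `getParameterMap()` override that delegates to the sanitising `getParameterValues` (sketch below, assuming the Servlet 3.0+ generic signature and the matching `java.util` imports), and treat this wrapper as defence in depth next to output encoding at render time rather than a replacement for it. Separately, the constructor's `this.getSession()` creates a session for every wrapped request just to reach the context; if the target container is Servlet 3.0 or later, `servletRequest.getServletContext()` avoids that. In `cleanXss` both catch blocks drop the cause and the `PolicyException` branch is labelled "ScanException: "; passing `e` as the second argument to `RuntimeException` keeps the stack trace for whoever has to diagnose a policy failure.

```java
// … unchanged: constructor, getParameterValues, getParameter, getHeader …

@Override
public Map<String, String[]> getParameterMap() {
    // Rebuild the map through the sanitising accessor so map-based binders
    // see the same cleaned values as getParameter()/getParameterValues().
    Map<String, String[]> cleaned = new LinkedHashMap<String, String[]>();
    for (String name : super.getParameterMap().keySet()) {
        cleaned.put(name, this.getParameterValues(name));
    }
    return Collections.unmodifiableMap(cleaned);
}

// … unchanged: cleanXss …
```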