A C D E F G H I L M O P Q R S U V X
All Classes All Packages
All Classes All Packages
All Classes All Packages
A
- activate() - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- activate(ComponentContext, XSSFilterImpl.Configuration) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
- ALPHA - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- AttributeTranslatingTransformerFactoryImpl - Class in org.apache.sling.xss.impl
-
Translates configuration calls to specific unsupported attributes to the
XMLConstants.FEATURE_SECURE_PROCESSING
feature - AttributeTranslatingTransformerFactoryImpl() - Constructor for class org.apache.sling.xss.impl.AttributeTranslatingTransformerFactoryImpl
- AUTHORITY - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
C
- check(PolicyHandler, String) - Method in class org.apache.sling.xss.impl.HtmlToHtmlContentContext
- check(PolicyHandler, String) - Method in class org.apache.sling.xss.impl.PlainTextToHtmlContentContext
- check(PolicyHandler, String) - Method in interface org.apache.sling.xss.impl.XSSFilterRule
-
Check to see if a given string contains policy violations.
- check(ProtectionContext, String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
- check(ProtectionContext, String) - Method in interface org.apache.sling.xss.XSSFilter
-
Indicates whether or not a given source string contains XSS policy violations.
D
- deactivate() - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- deactivate() - Method in class org.apache.sling.xss.impl.XSSFilterImpl
- DEC_OCTET - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- DEFAULT_CONTEXT - Static variable in interface org.apache.sling.xss.XSSFilter
-
Default context.
E
- encodeForCSSString(String) - Method in interface org.apache.sling.xss.XSSAPI
-
Encodes a source string for writing to CSS string content.
- encodeForCSSString(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- encodeForHTML(String) - Method in interface org.apache.sling.xss.XSSAPI
-
Encodes a source string for HTML element content.
- encodeForHTML(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- encodeForHTMLAttr(String) - Method in interface org.apache.sling.xss.XSSAPI
-
Encodes a source string for writing to an HTML attribute value.
- encodeForHTMLAttr(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- encodeForJSString(String) - Method in interface org.apache.sling.xss.XSSAPI
-
Encodes a source string for writing to JavaScript string content.
- encodeForJSString(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- encodeForXML(String) - Method in interface org.apache.sling.xss.XSSAPI
-
Encodes a source string for XML element content.
- encodeForXML(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- encodeForXMLAttr(String) - Method in interface org.apache.sling.xss.XSSAPI
-
Encodes a source string for writing to an XML attribute value.
- encodeForXMLAttr(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
F
- FallbackATag - Class in org.apache.sling.xss.impl
- FallbackATag(Tag) - Constructor for class org.apache.sling.xss.impl.FallbackATag
- FallbackSlingPolicy - Class in org.apache.sling.xss.impl
- FallbackSlingPolicy(InputStream) - Constructor for class org.apache.sling.xss.impl.FallbackSlingPolicy
- filter(String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
- filter(String) - Method in interface org.apache.sling.xss.XSSFilter
-
Prevents the given source string from containing XSS stuff.
- filter(PolicyHandler, String) - Method in class org.apache.sling.xss.impl.HtmlToHtmlContentContext
- filter(PolicyHandler, String) - Method in class org.apache.sling.xss.impl.PlainTextToHtmlContentContext
- filter(PolicyHandler, String) - Method in interface org.apache.sling.xss.impl.XSSFilterRule
-
Filter a given string to remove any policy violations.
- filter(ProtectionContext, String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
- filter(ProtectionContext, String) - Method in interface org.apache.sling.xss.XSSFilter
-
Protects the given source string from containing XSS stuff.
- filterHTML(String) - Method in interface org.apache.sling.xss.XSSAPI
-
Filters potentially user-contributed HTML to meet the AntiSamy policy rules currently in effect for HTML output (see the XSSFilter service for details).
- filterHTML(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- FRAGMENT - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- fromName(String) - Static method in enum org.apache.sling.xss.ProtectionContext
-
Gets a protection context from the specified name.
G
- getAction() - Method in class org.apache.sling.xss.impl.FallbackATag
- getActivePolicy() - Method in class org.apache.sling.xss.impl.XSSFilterImpl
- getAntiSamy() - Method in class org.apache.sling.xss.impl.PolicyHandler
- getAttributeByName(String) - Method in class org.apache.sling.xss.impl.FallbackATag
- getFallbackAntiSamy() - Method in class org.apache.sling.xss.impl.PolicyHandler
- getName() - Method in class org.apache.sling.xss.impl.FallbackATag
- getName() - Method in enum org.apache.sling.xss.ProtectionContext
-
Gets the name of the protection context.
- getPath() - Method in class org.apache.sling.xss.impl.XSSFilterImpl.AntiSamyPolicy
- getPolicy() - Method in class org.apache.sling.xss.impl.PolicyHandler
- getRegularExpression() - Method in class org.apache.sling.xss.impl.FallbackATag
- getTagByLowercaseName(String) - Method in class org.apache.sling.xss.impl.FallbackSlingPolicy
- getValidCSSColor(String, String) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate a CSS color value.
- getValidCSSColor(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidDimension(String, String) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate a string which should contain a dimension, returning a default value if the source is empty, can't be parsed, or contains XSS risks.
- getValidDimension(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidDouble(String, double) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate a string which should contain an double, returning a default value if the source is
null
, empty, can't be parsed, or contains XSS risks. - getValidDouble(String, double) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidHref(String) - Method in interface org.apache.sling.xss.XSSAPI
-
Sanitizes a URL for writing as an HTML href or src attribute value.
- getValidHref(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidInteger(String, int) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate a string which should contain an integer, returning a default value if the source is
null
, empty, can't be parsed, or contains XSS risks. - getValidInteger(String, int) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidJSON(String, String) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate a JSON string
- getValidJSON(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidJSToken(String, String) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate a Javascript token.
- getValidJSToken(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidLong(String, long) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate a string which should contain a long, returning a default value if the source is
null
, empty, can't be parsed, or contains XSS risks. - getValidLong(String, long) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidMultiLineComment(String, String) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate multi-line comment to be used inside a <script>...</script> or <style>...</style> block.
- getValidMultiLineComment(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidStyleToken(String, String) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate a style/CSS token.
- getValidStyleToken(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
- getValidXML(String, String) - Method in interface org.apache.sling.xss.XSSAPI
-
Validate an XML string
- getValidXML(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
H
- H16 - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- HEX_DIGIT - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- HIER_PART - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- HOST - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- HTML_HTML_CONTENT - org.apache.sling.xss.ProtectionContext
-
Escape HTML for use inside element content (rules #6 and - to some degree - #1), using a policy to remove potentially malicous HTML
- HtmlToHtmlContentContext - Class in org.apache.sling.xss.impl
-
This class implements an escaping rule to be used for cleaning up existing HTML content.
- HtmlToHtmlContentContext() - Constructor for class org.apache.sling.xss.impl.HtmlToHtmlContentContext
I
- IP_LITERAL - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- IPv4_ADDRESS - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- IPv6_ADDRESS - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- isAction(String) - Method in class org.apache.sling.xss.impl.FallbackATag
- isEmbedded() - Method in class org.apache.sling.xss.impl.XSSFilterImpl.AntiSamyPolicy
- isValidHref(String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
- isValidHref(String) - Method in interface org.apache.sling.xss.XSSFilter
-
Checks if the given URL is valid to be used for the
href
attribute in aa
tag.
L
- LS32 - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
M
- mutateAction(String) - Method in class org.apache.sling.xss.impl.FallbackATag
O
- org.apache.sling.xss - package org.apache.sling.xss
-
XSS Protection Service
- org.apache.sling.xss.impl - package org.apache.sling.xss.impl
P
- PATH_ABEMPTY - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- PATH_ABSOLUTE - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- PATH_EMPTY - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- PATH_NOSCHEME - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- PATH_ROOTLESS - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- PCHAR - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- PCT_ENCODED - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- PLAIN_HTML_CONTENT - org.apache.sling.xss.ProtectionContext
-
Escape plain text for use inside HTML content (rule #1)
- PlainTextToHtmlContentContext - Class in org.apache.sling.xss.impl
-
Class that provides the capability of securing input provided as plain text for HTML output.
- PlainTextToHtmlContentContext() - Constructor for class org.apache.sling.xss.impl.PlainTextToHtmlContentContext
- PolicyHandler - Class in org.apache.sling.xss.impl
-
Class that provides the capability of securing input provided as plain text for HTML output.
- PolicyHandler(InputStream) - Constructor for class org.apache.sling.xss.impl.PolicyHandler
-
Creates a
PolicyHandler
from anInputStream
. - PORT - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- ProtectionContext - Enum in org.apache.sling.xss
-
This enumeration defines the context for executing XSS protection.
Q
- QUERY - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
R
- read() - Method in class org.apache.sling.xss.impl.XSSFilterImpl.AntiSamyPolicy
- REG_NAME - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- RELATIVE_PART - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- RELATIVE_REF - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
S
- SCHEME_PATTERN - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- SEGMENT_NZ - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- SEGMENT_NZ_NC - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- setAttribute(String, Object) - Method in class org.apache.sling.xss.impl.AttributeTranslatingTransformerFactoryImpl
- SUB_DELIMS - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- supportsPolicy() - Method in class org.apache.sling.xss.impl.HtmlToHtmlContentContext
- supportsPolicy() - Method in class org.apache.sling.xss.impl.PlainTextToHtmlContentContext
- supportsPolicy() - Method in interface org.apache.sling.xss.impl.XSSFilterRule
U
- UNRESERVED_CHARACTERS - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- URI - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
- USER_INFO - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
V
- valueOf(String) - Static method in enum org.apache.sling.xss.ProtectionContext
-
Returns the enum constant of this type with the specified name.
- values() - Static method in enum org.apache.sling.xss.ProtectionContext
-
Returns an array containing the constants of this enum type, in the order they are declared.
X
- XSSAPI - Interface in org.apache.sling.xss
-
A service providing validators and encoders for XSS protection during the composition of HTML pages.
- XSSAPIImpl - Class in org.apache.sling.xss.impl
- XSSAPIImpl() - Constructor for class org.apache.sling.xss.impl.XSSAPIImpl
- XSSFilter - Interface in org.apache.sling.xss
-
This service should be used to protect output against potential XSS attacks.
- XSSFilterImpl - Class in org.apache.sling.xss.impl
-
This class implements the
XSSFilter
using the Antisamy XSS protection library found at http://code.google.com/p/owaspantisamy/. - XSSFilterImpl() - Constructor for class org.apache.sling.xss.impl.XSSFilterImpl
- XSSFilterImpl.AntiSamyPolicy - Class in org.apache.sling.xss.impl
- XSSFilterRule - Interface in org.apache.sling.xss.impl
-
This interface defines a protection context.
All Classes All Packages