Package com.logicaldoc.web.filter.xss

Class XssFilter

java.lang.Object

com.logicaldoc.web.filter.xss.XssFilter

All Implemented Interfaces:

javax.servlet.Filter

public class XssFilter
extends Object
implements javax.servlet.Filter

Anti XSS vulnerability, that is the presence of <script> element and other javascript code inside the request URL.
See https://www.owasp.org/index.php/XSS
See https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html

Since:

8.4.2

Author:

Marco Meschieri - LogicalDOC

Constructor Summary

Constructors

Constructor	Description
XssFilter()

Method Summary

Modifier and Type	Method	Description
void	destroy()
void	doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
void	init(javax.servlet.FilterConfig filterConfig)

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

XssFilter

public XssFilter()

Method Details

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Specified by:

init in interface javax.servlet.Filter

Throws:

javax.servlet.ServletException

destroy

public void destroy()

Specified by:

destroy in interface javax.servlet.Filter

doFilter

public void doFilter(javax.servlet.ServletRequest request,
 javax.servlet.ServletResponse response,
 javax.servlet.FilterChain chain)
              throws IOException,
javax.servlet.ServletException

Specified by:

doFilter in interface javax.servlet.Filter

Throws:

IOException

javax.servlet.ServletException