Skip navigation links
A C D E F G H I J K L O P R S U V W X 

A

activate() - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
activate() - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
ADAPTABLE_CLASSES - Static variable in class org.apache.sling.xss.impl.XSSAPIAdapterFactory
 
ADAPTER_CLASSES - Static variable in class org.apache.sling.xss.impl.XSSAPIAdapterFactory
 

C

check(PolicyHandler, String) - Method in class org.apache.sling.xss.impl.HtmlToHtmlContentContext
 
check(PolicyHandler, String) - Method in class org.apache.sling.xss.impl.PlainTextToHtmlContentContext
 
check(ProtectionContext, String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
check(ProtectionContext, String, String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
check(PolicyHandler, String) - Method in interface org.apache.sling.xss.impl.XSSFilterRule
Check to see if a given string contains policy violations.
check(ProtectionContext, String) - Method in interface org.apache.sling.xss.XSSFilter
Indicates whether or not a given source string contains XSS policy violations.

D

deactivate() - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
DEFAULT_CONTEXT - Static variable in interface org.apache.sling.xss.XSSFilter
Default context.
DEFAULT_POLICY_PATH - Static variable in class org.apache.sling.xss.impl.XSSFilterImpl
 

E

encodeForCSSString(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
encodeForCSSString(String) - Method in interface org.apache.sling.xss.XSSAPI
Encodes a source string for writing to CSS string content.
encodeForHTML(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
encodeForHTML(String) - Method in interface org.apache.sling.xss.XSSAPI
Encodes a source string for HTML element content.
encodeForHTMLAttr(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
encodeForHTMLAttr(String) - Method in interface org.apache.sling.xss.XSSAPI
Encodes a source string for writing to an HTML attribute value.
encodeForJSString(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
encodeForJSString(String) - Method in interface org.apache.sling.xss.XSSAPI
Encodes a source string for writing to JavaScript string content.
encodeForXML(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
encodeForXML(String) - Method in interface org.apache.sling.xss.XSSAPI
Encodes a source string for XML element content.
encodeForXMLAttr(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
encodeForXMLAttr(String) - Method in interface org.apache.sling.xss.XSSAPI
Encodes a source string for writing to an XML attribute value.

F

filter(PolicyHandler, String) - Method in class org.apache.sling.xss.impl.HtmlToHtmlContentContext
 
filter(PolicyHandler, String) - Method in class org.apache.sling.xss.impl.PlainTextToHtmlContentContext
 
filter(String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
filter(ProtectionContext, String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
filter(ProtectionContext, String, String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
filter(PolicyHandler, String) - Method in interface org.apache.sling.xss.impl.XSSFilterRule
Filter a given string to remove any policy violations.
filter(String) - Method in interface org.apache.sling.xss.XSSFilter
Prevents the given source string from containing XSS stuff.
filter(ProtectionContext, String) - Method in interface org.apache.sling.xss.XSSFilter
Protects the given source string from containing XSS stuff.
filterHTML(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
filterHTML(String) - Method in interface org.apache.sling.xss.XSSAPI
Filters potentially user-contributed HTML to meet the AntiSamy policy rules currently in effect for HTML output (see the XSSFilter service for details).
fromName(String) - Static method in enum org.apache.sling.xss.ProtectionContext
Gets a protection context from the specified name.

G

getAdapter(Object, Class<AdapterType>) - Method in class org.apache.sling.xss.impl.XSSAPIAdapterFactory
 
getAntiSamy() - Method in class org.apache.sling.xss.impl.PolicyHandler
 
getName() - Method in enum org.apache.sling.xss.ProtectionContext
Gets the name of the protection context.
getPolicy() - Method in class org.apache.sling.xss.impl.PolicyHandler
 
getRequestSpecificAPI(SlingHttpServletRequest) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getRequestSpecificAPI(SlingHttpServletRequest) - Method in interface org.apache.sling.xss.XSSAPI
Deprecated.
getResourceResolverSpecificAPI(ResourceResolver) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getResourceResolverSpecificAPI(ResourceResolver) - Method in interface org.apache.sling.xss.XSSAPI
Deprecated.
getValidCSSColor(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidCSSColor(String, String) - Method in interface org.apache.sling.xss.XSSAPI
Validate a CSS color value.
getValidDimension(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidDimension(String, String) - Method in interface org.apache.sling.xss.XSSAPI
Validate a string which should contain a dimension, returning a default value if the source is empty, can't be parsed, or contains XSS risks.
getValidDouble(String, double) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidDouble(String, double) - Method in interface org.apache.sling.xss.XSSAPI
Validate a string which should contain an double, returning a default value if the source is null, empty, can't be parsed, or contains XSS risks.
getValidHref(String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidHref(String) - Method in interface org.apache.sling.xss.XSSAPI
Sanitizes a URL for writing as an HTML href or src attribute value.
getValidInteger(String, int) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidInteger(String, int) - Method in interface org.apache.sling.xss.XSSAPI
Validate a string which should contain an integer, returning a default value if the source is null, empty, can't be parsed, or contains XSS risks.
getValidJSON(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidJSON(String, String) - Method in interface org.apache.sling.xss.XSSAPI
Validate a JSON string
getValidJSToken(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidJSToken(String, String) - Method in interface org.apache.sling.xss.XSSAPI
Validate a Javascript token.
getValidLong(String, long) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidLong(String, long) - Method in interface org.apache.sling.xss.XSSAPI
Validate a string which should contain a long, returning a default value if the source is null, empty, can't be parsed, or contains XSS risks.
getValidMultiLineComment(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidMultiLineComment(String, String) - Method in interface org.apache.sling.xss.XSSAPI
Validate multi-line comment to be used inside a <script>...</script> or <style>...</style> block.
getValidStyleToken(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidStyleToken(String, String) - Method in interface org.apache.sling.xss.XSSAPI
Validate a style/CSS token.
getValidXML(String, String) - Method in class org.apache.sling.xss.impl.XSSAPIImpl
 
getValidXML(String, String) - Method in interface org.apache.sling.xss.XSSAPI
Validate an XML string

H

hasPolicy(String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
HtmlToHtmlContentContext - Class in org.apache.sling.xss.impl
This class implements an escaping rule to be used for cleaning up existing HTML content.
HtmlToHtmlContentContext() - Constructor for class org.apache.sling.xss.impl.HtmlToHtmlContentContext
 

I

isValidHref(String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
isValidHref(String) - Method in interface org.apache.sling.xss.XSSFilter
Checks if the given URL is valid to be used for the href attribute in a a tag.

J

JSONUtil - Class in org.apache.sling.xss
Deprecated.

K

KEY_SUFFIX_XSS - Static variable in class org.apache.sling.xss.JSONUtil
Deprecated.
Key suffix for XSS protected properties

L

loadPolicy(String, InputStream) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 

O

onChange(List<ResourceChange>) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
org.apache.sling.xss - package org.apache.sling.xss
XSS Protection Service
org.apache.sling.xss.impl - package org.apache.sling.xss.impl
 

P

PlainTextToHtmlContentContext - Class in org.apache.sling.xss.impl
Class that provides the capability of securing input provided as plain text for HTML output.
PlainTextToHtmlContentContext() - Constructor for class org.apache.sling.xss.impl.PlainTextToHtmlContentContext
 
PolicyHandler - Class in org.apache.sling.xss.impl
Class that provides the capability of securing input provided as plain text for HTML output.
PolicyHandler(InputStream) - Constructor for class org.apache.sling.xss.impl.PolicyHandler
Creates a PolicyHandler from an InputStream.
ProtectionContext - Enum in org.apache.sling.xss
This enumeration defines the context for executing XSS protection.
putProtected(JSONObject, String, String, XSSFilter) - Static method in class org.apache.sling.xss.JSONUtil
Deprecated.
Puts a xss protected value into a JSON object.
putWithProtected(JSONObject, String, String, XSSFilter) - Static method in class org.apache.sling.xss.JSONUtil
Deprecated.
Puts a value into a JSON object In addition, the xss protected value is put under the provided key appended by KEY_SUFFIX_XSS

R

resetDefaultPolicy() - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 

S

setDefaultPolicy(InputStream) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 
supportsPolicy() - Method in class org.apache.sling.xss.impl.HtmlToHtmlContentContext
 
supportsPolicy() - Method in class org.apache.sling.xss.impl.PlainTextToHtmlContentContext
 
supportsPolicy() - Method in interface org.apache.sling.xss.impl.XSSFilterRule
 

U

unloadPolicy(String) - Method in class org.apache.sling.xss.impl.XSSFilterImpl
 

V

valueOf(String) - Static method in enum org.apache.sling.xss.ProtectionContext
Returns the enum constant of this type with the specified name.
values() - Static method in enum org.apache.sling.xss.ProtectionContext
Returns an array containing the constants of this enum type, in the order they are declared.

W

writeProtected(JSONWriter, String, String, XSSFilter) - Static method in class org.apache.sling.xss.JSONUtil
Deprecated.
Writes a xss protected value into a JSON writer.
writeProtected(JSONWriter, String, String[], XSSFilter) - Static method in class org.apache.sling.xss.JSONUtil
Deprecated.
Writes a xss protected value array into a JSON writer.
writeWithProtected(JSONWriter, String, String, XSSFilter) - Static method in class org.apache.sling.xss.JSONUtil
Deprecated.
Writes a value into a JSON write In addition, the xss protected value is written with the provided key appended by KEY_SUFFIX_XSS
writeWithProtected(JSONWriter, String, String[], XSSFilter) - Static method in class org.apache.sling.xss.JSONUtil
Deprecated.
Writes a value array into a JSON write.

X

XSSAPI - Interface in org.apache.sling.xss
A service providing validators and encoders for XSS protection during the composition of HTML pages.
XSSAPIAdapterFactory - Class in org.apache.sling.xss.impl
Adapter factory that adapts a ResourceResolver to a resourceResolver-specific XSSAPI service.
XSSAPIAdapterFactory() - Constructor for class org.apache.sling.xss.impl.XSSAPIAdapterFactory
 
XSSAPIImpl - Class in org.apache.sling.xss.impl
 
XSSAPIImpl() - Constructor for class org.apache.sling.xss.impl.XSSAPIImpl
 
XSSFilter - Interface in org.apache.sling.xss
This service should be used to protect output against potential XSS attacks.
XSSFilterImpl - Class in org.apache.sling.xss.impl
This class implements the XSSFilter using the Antisamy XSS protection library found at http://code.google.com/p/owaspantisamy/.
XSSFilterImpl() - Constructor for class org.apache.sling.xss.impl.XSSFilterImpl
 
XSSFilterRule - Interface in org.apache.sling.xss.impl
This interface defines a protection context.
A C D E F G H I J K L O P R S U V W X 
Skip navigation links

Copyright © 2007–2017 The Apache Software Foundation. All rights reserved.