public class Security
extends java.lang.Object
Provides transaction security functions. Examples Please find the transaction
security function examples below.
XML Safe Check Example
This Groovy example shows how to check if the XML document does not contain any
XSS characters.
import com.avoka.tm.util.Security
boolean isSafe = Security.isXmlDocumentSafe(xmlDocument)
Text Safe Check Example
This Groovy example shows how to check if the XML document does not contain any
XSS characters.
import com.avoka.tm.util.Security
boolean isSafe = Security.isXmlTextSafe(xmlText)
Adding Transaction Security Tokens to Session Example
This Groovy example shows how to add the transaction security tokens to the
session.
import com.avoka.tm.util.Security
Security.addSessionTxnSecurityTokens(request, txnId)
- Since:
- 5.0
Method Summary
All Methods Static Methods Concrete Methods
Modifier and Type |
Method |
Description |
static void |
addSessionReceiptSecurityTokens(javax.servlet.http.HttpServletRequest request,
Txn txn)
|
Add the transaction PDF receipt security access tokens to the session.
|
static void |
addSessionTxnSecurityTokens(javax.servlet.http.HttpServletRequest request,
Txn txn)
|
Add the transaction security access tokens to the session.
|
static java.lang.String |
getSessionEntryUrl(javax.servlet.http.HttpServletRequest request)
|
Return the session stored Entry URL for SSO integration support.
|
static boolean |
isXssSafeFilename(java.lang.String value) |
Return true if the filename value is XSS safe.
|
static boolean |
isXssSafeText(java.lang.String text) |
Return true if the XML text does not contain any XSS characters, or
false otherwise.
|
static boolean |
isXssSafeXmlDoc(org.w3c.dom.Document document) |
Return true if the XML document does not contain any XSS characters, or
false otherwise.
|
static boolean |
isXssSafeXmlText(java.lang.String value) |
Return true if the XML text does not contain any XSS characters, or
false otherwise.
|
static java.lang.String |
storeSessionEntryUrl(javax.servlet.http.HttpServletRequest request)
|
Stores the Entry URL in the session for SSO integration support.
|
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString,
wait, wait, wait
Method Detail
addSessionTxnSecurityTokens
public static void addSessionTxnSecurityTokens(javax.servlet.http.HttpServletRequest request,
Txn txn)
Add the transaction security access tokens to the session.
- Parameters:
request
- the HTTP request (required)
txn
- the transaction (required)
addSessionReceiptSecurityTokens
public static void addSessionReceiptSecurityTokens(javax.servlet.http.HttpServletRequest request,
Txn txn)
Add the transaction PDF receipt security access tokens to the session.
- Parameters:
request
- the HTTP request (required)
txn
- the transaction (required)
- Since:
- 18.11.0
storeSessionEntryUrl
public
static java.lang.String storeSessionEntryUrl(javax.servlet.http.HttpServletRequest request)
Stores the Entry URL in the session for SSO integration support.
- Parameters:
request
- the servlet request (required)
- Returns:
- the stored URL stored in the session
- Since:
- 18.11.0
getSessionEntryUrl
public
static java.lang.String getSessionEntryUrl(javax.servlet.http.HttpServletRequest request)
Return the session stored Entry URL for SSO integration support.
- Parameters:
request
- the servlet request (required)
- Returns:
- the Entry URL if available or null otherwise
- Since:
- 18.11.0
isXssSafeXmlDoc
public static boolean isXssSafeXmlDoc(org.w3c.dom.Document document)
Return true if the XML document does not contain any XSS characters, or false
otherwise. Please see dangerous characters: XSS Filter Evasion Cheat Sheet
- Parameters:
document
- the XML document to test (required)
- Returns:
- true, if is XSS safe or false otherwise
isXssSafeXmlText
public static boolean isXssSafeXmlText(java.lang.String value)
Return true if the XML text does not contain any XSS characters, or false
otherwise. Please see dangerous characters: XSS Filter Evasion Cheat Sheet
- Parameters:
value
- the XML text to test (required)
- Returns:
- true, if is XSS safe or false otherwise
isXssSafeText
public static boolean isXssSafeText(java.lang.String text)
Return true if the XML text does not contain any XSS characters, or false
otherwise. Please see dangerous characters: XSS Filter Evasion Cheat Sheet
- Parameters:
text
- the XML text to test (required)
- Returns:
- true, if is XSS safe or false otherwise
isXssSafeFilename
public static boolean isXssSafeFilename(java.lang.String value)
Return true if the filename value is XSS safe. This applies the standard XSS
checks except 'document.' and 'window.' values. Please see dangerous characters:
XSS Filter Evasion Cheat Sheet
- Parameters:
value
- the value to test (required)
- Returns:
- true, if is XSS safe