org.apache.jasper.security

Class SecurityUtil

public final class SecurityUtil extends Object

Utility class for security-related operations.

Author: Jean-Francois Arcand

Method Summary
static String filter(String message)
Filter the specified message string for characters that are sensitive in HTML.
static boolean isPackageProtectionEnabled()
Return true only if Security is enabled AND the package protection mechanism is enabled.

Method Detail

filter

public static String filter(String message)
Filter the specified message string for characters that are sensitive in HTML. This avoids potential attacks caused by including JavaScript code in the request URL, which is often echoed in error messages.

Parameters: message - The message string to be filtered
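
The following is an added example, not code from Jasper or from this page: a stand-alone stand-in for filter(String) applied to a request path that an error page echoes back. The class name ErrorMessageFilterDemo, the errorBody helper, and the exact set of characters replaced (<, >, & and ") are assumptions made for illustration.

```java
public final class ErrorMessageFilterDemo {

    // Stand-in for the documented filter(String): replaces characters that
    // are significant in HTML text with character entities. The exact
    // character set handled by SecurityUtil.filter is an assumption here.
    static String filter(String message) {
        if (message == null) {
            return null;
        }
        StringBuilder out = new StringBuilder(message.length() + 16);
        for (int i = 0; i < message.length(); i++) {
            char c = message.charAt(i);
            switch (c) {
                case '<': out.append("&lt;"); break;
                case '>': out.append("&gt;"); break;
                case '&': out.append("&amp;"); break;
                case '"': out.append("&quot;"); break;
                default:  out.append(c);
            }
        }
        return out.toString();
    }

    // Hypothetical helper: builds the body of an error page that echoes
    // the requested path, with or without filtering.
    static String errorBody(String requestedPath, boolean filtered) {
        String shown = filtered ? filter(requestedPath) : requestedPath;
        return "<p>The requested resource " + shown + " is not available.</p>";
    }

    public static void main(String[] args) {
        // Constructed sample: a request path that carries markup.
        String path = "/app/<script>alert(1)</script>.jsp";
        System.out.println("unfiltered: " + errorBody(path, false));
        System.out.println("filtered:   " + errorBody(path, true));
        // Filtering is not idempotent: '&' in an already-filtered string is
        // escaped again, so apply the filter once, at the point of output.
        System.out.println("twice:      " + filter(filter("a<b")));
    }
}
```

A filter of this kind covers HTML text and double-quoted attribute values; output placed in single-quoted attributes, script blocks or URLs needs encoding specific to that context.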

isPackageProtectionEnabled

public static boolean isPackageProtectionEnabled()
Return true only if Security is enabled AND the package protection mechanism is enabled.
Copyright © 2000-2011 Apache Software Foundation. All Rights Reserved.