org.owasp.encoder.Encoders

public final class Encoders extends Object

Encoders -- Public factory method for obtaining instances of Encoders. Classes implementing the encoders are not directly exposed as part of the API since encoding strategies are subject to change. In many cases encoders will share the same implementation, but have different internal flags for how to handle varied content. For example the XML_CONTENT and XML_ATTRIBUTE contexts may currently share the same class with each instances having a different set of flags. Future version may optimize them into different classes.

All encoders returned by the factory are thread-safe.

Author:: Jeff Ichnowski

Field Summary

Fields

Modifier and Type

Field

Description

static final String

CDATA

Name of CDATA context.

static final String

CSS_STRING

Name of CSS string context.

static final String

CSS_URL

Name of CSS URL context.

static final String

HTML

Name of HTML general context.

static final String

HTML_ATTRIBUTE

Name of HTML attribute context.

static final String

HTML_CONTENT

Name of HTML content context.

static final String

HTML_UNQUOTED_ATTRIBUTE

Name of unquoted HTML attribute context.

static final String

JAVA

Name of Java String context.

static final String

JAVASCRIPT

Name of JavaScript general context.

static final String

JAVASCRIPT_ATTRIBUTE

Name of JavaScript attribute context.

static final String

JAVASCRIPT_BLOCK

Name of JavaScript block context.

static final String

JAVASCRIPT_SOURCE

Name of JavaScript source context.

static final String

URI

Name of URI context.

static final String

URI_COMPONENT

Name of URI component context.

static final String

XML

Name of XML general context.

static final String

XML_ATTRIBUTE

Name of XML attribute context.

static final String

XML_COMMENT

Name of XML comment context.

static final String

XML_CONTENT

Name of XML content context.
Method Summary

Modifier and Type

Method

Description

static Encoder

forName(String contextName)

Returns a new instance of an Encoder for the specified context.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- HTML
  
  public static final String HTML
  
  Name of HTML general context.
  See Also:
  
  Constant Field Values
- HTML_CONTENT
  
  public static final String HTML_CONTENT
  
  Name of HTML content context.
  See Also:
  
  Constant Field Values
- HTML_ATTRIBUTE
  
  public static final String HTML_ATTRIBUTE
  
  Name of HTML attribute context.
  See Also:
  
  Constant Field Values
- HTML_UNQUOTED_ATTRIBUTE
  
  public static final String HTML_UNQUOTED_ATTRIBUTE
  
  Name of unquoted HTML attribute context.
  See Also:
  
  Constant Field Values
- XML
  
  public static final String XML
  
  Name of XML general context.
  See Also:
  
  Constant Field Values
- XML_CONTENT
  
  public static final String XML_CONTENT
  
  Name of XML content context.
  See Also:
  
  Constant Field Values
- XML_ATTRIBUTE
  
  public static final String XML_ATTRIBUTE
  
  Name of XML attribute context.
  See Also:
  
  Constant Field Values
- XML_COMMENT
  
  public static final String XML_COMMENT
  
  Name of XML comment context.
  See Also:
  
  Constant Field Values
- CDATA
  
  public static final String CDATA
  
  Name of CDATA context.
  See Also:
  
  Constant Field Values
- CSS_STRING
  
  public static final String CSS_STRING
  
  Name of CSS string context.
  See Also:
  
  Constant Field Values
- CSS_URL
  
  public static final String CSS_URL
  
  Name of CSS URL context.
  See Also:
  
  Constant Field Values
- JAVA
  
  public static final String JAVA
  
  Name of Java String context.
  See Also:
  
  Constant Field Values
- JAVASCRIPT
  
  public static final String JAVASCRIPT
  
  Name of JavaScript general context.
  See Also:
  
  Constant Field Values
- JAVASCRIPT_ATTRIBUTE
  
  public static final String JAVASCRIPT_ATTRIBUTE
  
  Name of JavaScript attribute context.
  See Also:
  
  Constant Field Values
- JAVASCRIPT_BLOCK
  
  public static final String JAVASCRIPT_BLOCK
  
  Name of JavaScript block context.
  See Also:
  
  Constant Field Values
- JAVASCRIPT_SOURCE
  
  public static final String JAVASCRIPT_SOURCE
  
  Name of JavaScript source context.
  See Also:
  
  Constant Field Values
- URI
  
  public static final String URI
  
  Name of URI context.
  See Also:
  
  Constant Field Values
- URI_COMPONENT
  
  public static final String URI_COMPONENT
  
  Name of URI component context.
  See Also:
  
  Constant Field Values
Method Details
- forName
  
  public static Encoder forName(String contextName) throws NullPointerException, UnsupportedContextException
  
  Returns a new instance of an Encoder for the specified context. The returned instance is thread-safe.
  
  Parameters:
  
  contextName - the context name (one of the String constants defined in this class)
  
  Returns:
  
  an encoder for the specified context.
  
  Throws:
  
  NullPointerException - if contextName is null
  
  UnsupportedContextException - if contextName is not recognized.

Class Encoders

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Details

HTML

HTML_CONTENT

HTML_ATTRIBUTE

HTML_UNQUOTED_ATTRIBUTE

XML

XML_CONTENT

XML_ATTRIBUTE

XML_COMMENT

CDATA

CSS_STRING

CSS_URL

JAVA

JAVASCRIPT

JAVASCRIPT_ATTRIBUTE

JAVASCRIPT_BLOCK

JAVASCRIPT_SOURCE

URI

URI_COMPONENT

Method Details

forName