本文整理汇总了Java中org.owasp.esapi.errors.ValidationException类的典型用法代码示例。如果您正苦于以下问题:Java ValidationException类的具体用法?Java ValidationException怎么用?Java ValidationException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
ValidationException类属于org.owasp.esapi.errors包,在下文中一共展示了ValidationException类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: putArticle
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
@PostMapping("/putArticle")
@ResponseBody
public String putArticle(@RequestParam("artical") String artical, HttpServletRequest request) throws ValidationException {
String safeArtical = ESAPI.validator().getValidSafeHTML("htmlInput", artical, 1000, true);
return "{status:ok}";
}
开发者ID:yrzx404,项目名称:interview-question-code,代码行数:9,代码来源:IndexContoller.java
示例2: setUserAccountName
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Set the user account name associated with this cryptographic token
* object. The user account name is converted to lower case.
* @param userAccountName The user account name.
* @throws ValidationException Thrown if user account name is not valid, i.e.,
* if it doesn't conform to the regular expression
* given by "[a-z][[email protected]]*". (Note that the
* parameter {@code userAccountName} is first converted
* to lower case before checked against the regular
* expression.)
*/
public void setUserAccountName(String userAccountName) throws ValidationException {
assert userAccountName != null : "User account name may not be null.";
// Converting to lower case first allows a simpler regex.
String userAcct = userAccountName.toLowerCase();
// Check to make sure that attribute name is valid as per our regex.
Matcher userNameChecker = userNameRegex.matcher(userAcct);
if ( userNameChecker.matches() ) {
username = userAcct;
} else {
throw new ValidationException("Invalid user account name encountered.",
"User account name " + userAccountName +
" does not match regex " +
USERNAME_REGEX + " after conversion to lowercase.");
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:29,代码来源:CryptoToken.java
示例3: testLenientDate
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
public void testLenientDate() {
System.out.println("testLenientDate");
boolean acceptLenientDates = ESAPI.securityConfiguration().getLenientDatesAccepted();
if ( acceptLenientDates ) {
assertTrue("Lenient date test skipped because Validator.AcceptLenientDates set to true", true);
return;
}
Date lenientDateTest = null;
try {
// lenientDateTest will be null when Validator.AcceptLenientDates
// is set to false (the default).
Validator instance = ESAPI.validator();
lenientDateTest = instance.getValidDate("datatest3-lenient", "15/2/2009 11:83:00",
DateFormat.getDateInstance(DateFormat.SHORT, Locale.US),
false);
fail("Failed to throw expected ValidationException when Validator.AcceptLenientDates set to false.");
} catch (ValidationException ve) {
assertNull( lenientDateTest );
Throwable cause = ve.getCause();
assertTrue( cause.getClass().getName().equals("java.text.ParseException") );
} catch (Exception e) {
fail("Caught unexpected exception: " + e.getClass().getName() + "; msg: " + e);
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:26,代码来源:ValidatorTest.java
示例4: testBlacklistPattern
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
@Test
public void testBlacklistPattern() throws ValidationException {
StringValidationRule validationRule = new StringValidationRule("NoAngleBrackets");
Assert.assertEquals("beg <script> end", validationRule.getValid("", "beg <script> end"));
validationRule.addBlacklistPattern("^.*(<|>).*");
try {
validationRule.getValid("", "beg <script> end");
Assert.fail("Expected Exception not thrown");
}
catch (ValidationException ve) {
Assert.assertNotNull(ve.getMessage());
}
Assert.assertEquals("beg script end", validationRule.getValid("", "beg script end"));
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:17,代码来源:StringValidationRuleTest.java
示例5: doDirCheck
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
private void doDirCheck(String path) throws ValidationException {
Matcher m1 = DIR_BLACKLIST_PAT.matcher( path );
if ( m1.find() ) {
throw new ValidationException( "Invalid directory", "Directory path (" + path + ") contains illegal character: " + m1.group() );
}
Matcher m2 = PERCENTS_PAT.matcher( path );
if ( m2.find() ) {
throw new ValidationException( "Invalid directory", "Directory path (" + path + ") contains encoded characters: " + m2.group() );
}
int ch = containsUnprintableCharacters(path);
if (ch != -1) {
throw new ValidationException("Invalid directory", "Directory path (" + path + ") contains unprintable character: " + ch);
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:17,代码来源:SafeFile.java
示例6: testAddException
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Test of addException method, of class org.owasp.esapi.IntrusionDetector.
*
* @throws AuthenticationException
* the authentication exception
*/
public void testAddException() throws AuthenticationException {
System.out.println("addException");
ESAPI.intrusionDetector().addException( new RuntimeException("message") );
ESAPI.intrusionDetector().addException( new ValidationException("user message", "log message") );
ESAPI.intrusionDetector().addException( new IntrusionException("user message", "log message") );
String username = ESAPI.randomizer().getRandomString(8, EncoderConstants.CHAR_ALPHANUMERICS);
Authenticator auth = ESAPI.authenticator();
User user = auth.createUser(username, "addException", "addException");
user.enable();
MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse();
ESAPI.httpUtilities().setCurrentHTTP(request, response);
user.loginWithPassword("addException");
// Now generate some exceptions to disable account
for ( int i = 0; i < ESAPI.securityConfiguration().getQuota(IntegrityException.class.getName()).count; i++ ) {
// EnterpriseSecurityExceptions are added to IntrusionDetector automatically
new IntegrityException( "IntegrityException " + i, "IntegrityException " + i );
}
assertFalse( user.isLoggedIn() );
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:28,代码来源:IntrusionDetectorTest.java
示例7: testWhitelistPattern
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
@Test
public void testWhitelistPattern() throws ValidationException {
StringValidationRule validationRule = new StringValidationRule("Alphabetic");
Assert.assertEquals("Magnum44", validationRule.getValid("", "Magnum44"));
validationRule.addWhitelistPattern("^[a-zA-Z]*");
try {
validationRule.getValid("", "Magnum44");
Assert.fail("Expected Exception not thrown");
}
catch (ValidationException ve) {
Assert.assertNotNull(ve.getMessage());
}
Assert.assertEquals("MagnumPI", validationRule.getValid("", "MagnumPI"));
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:18,代码来源:StringValidationRuleTest.java
示例8: testCheckLengths
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
@Test
public void testCheckLengths() throws ValidationException {
StringValidationRule validationRule = new StringValidationRule("Max12_Min2");
validationRule.setMinimumLength(2);
validationRule.setMaximumLength(12);
Assert.assertTrue(validationRule.isValid("", "12"));
Assert.assertTrue(validationRule.isValid("", "123456"));
Assert.assertTrue(validationRule.isValid("", "ABCDEFGHIJKL"));
Assert.assertFalse(validationRule.isValid("", "1"));
Assert.assertFalse(validationRule.isValid("", "ABCDEFGHIJKLM"));
ValidationErrorList errorList = new ValidationErrorList();
Assert.assertEquals("1234567890", validationRule.getValid("", "1234567890", errorList));
Assert.assertEquals(0, errorList.size());
Assert.assertEquals(null, validationRule.getValid("", "123456789012345", errorList));
Assert.assertEquals(1, errorList.size());
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:21,代码来源:StringValidationRuleTest.java
示例9: isValidFileContent
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* {@inheritDoc}
*/
public boolean isValidFileContent(String context, byte[] input, int maxBytes, boolean allowNull, ValidationErrorList errors) throws IntrusionException {
try {
getValidFileContent( context, input, maxBytes, allowNull);
return true;
} catch( ValidationException e ) {
errors.addError(context, e);
return false;
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:13,代码来源:DefaultValidator.java
示例10: safeReadLine
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* {@inheritDoc}
*
* This implementation reads until a newline or the specified number of
* characters.
*
* @param in
* @param max
*/
public String safeReadLine(InputStream in, int max) throws ValidationException {
if (max <= 0) {
throw new ValidationAvailabilityException( "Invalid input", "Invalid readline. Must read a positive number of bytes from the stream");
}
StringBuilder sb = new StringBuilder();
int count = 0;
int c;
try {
while (true) {
c = in.read();
if ( c == -1 ) {
if (sb.length() == 0) {
return null;
}
break;
}
if (c == '\n' || c == '\r') {
break;
}
count++;
if (count > max) {
throw new ValidationAvailabilityException( "Invalid input", "Invalid readLine. Read more than maximum characters allowed (" + max + ")");
}
sb.append((char) c);
}
return sb.toString();
} catch (IOException e) {
throw new ValidationAvailabilityException( "Invalid input", "Invalid readLine. Problem reading from input stream", e);
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:42,代码来源:DefaultValidator.java
示例11: getValidDouble
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* {@inheritDoc}
*/
public Double getValidDouble(String context, String input, double minValue, double maxValue, boolean allowNull, ValidationErrorList errors) throws IntrusionException {
try {
return getValidDouble(context, input, minValue, maxValue, allowNull);
} catch (ValidationException e) {
errors.addError(context, e);
}
return new Double(Double.NaN);
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:13,代码来源:DefaultValidator.java
示例12: addAttributes
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Add the specified collection of attributes to the current attributes.
* If there are duplicate attributes specified, they will replace any
* existing ones.
*
* @param attrs Name/value pairs of attributes to add or replace the existing
* attributes. Map must be non-null, but may be empty.
* @throws ValidationException Thrown if one of the keys in the specified
* parameter {@code attrs} is not a valid name.
* That is, all attribute names must match the regular
* expression ""[A-Za-z0-9_.-]+".
* @see #setAttribute(String, String)
*/
public void addAttributes(final Map<String, String> attrs) throws ValidationException {
// CHECKME: Assertion vs. IllegalArgumentException
assert attrs != null : "Attribute map may not be null.";
Set< Entry<String,String> > keyValueSet = attrs.entrySet();
Iterator<Entry<String, String>> it = keyValueSet.iterator();
while( it.hasNext() ) {
Map.Entry<String,String> entry = it.next();
String key = entry.getKey();
String value = entry.getValue();
setAttribute(key, value);
}
return;
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:27,代码来源:CryptoToken.java
示例13: getValidPrintable
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Returns canonicalized and validated printable characters as a String. Invalid input will generate a descriptive ValidationException, and input that is clearly an attack
* will generate a descriptive IntrusionException.
*
* @throws IntrusionException
*/
public String getValidPrintable(String context, String input, int maxLength, boolean allowNull) throws ValidationException, IntrusionException {
try {
String canonical = encoder.canonicalize(input);
return new String( getValidPrintable( context, canonical.toCharArray(), maxLength, allowNull) );
//TODO - changed this to base Exception since we no longer need EncodingException
//TODO - this is a bit lame: we need to re-think this function.
} catch (Exception e) {
throw new ValidationException( context + ": Invalid printable input", "Invalid encoding of printable input, context=" + context + ", input=" + input, e, context);
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:17,代码来源:DefaultValidator.java
示例14: addDateHeader
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Add a cookie to the response after ensuring that there are no encoded or
* illegal characters in the name.
* @param name
* @param date
*/
public void addDateHeader(String name, long date) {
try {
String safeName = ESAPI.validator().getValidInput("safeSetDateHeader", name, "HTTPHeaderName", 20, false);
getHttpServletResponse().addDateHeader(safeName, date);
} catch (ValidationException e) {
logger.warning(Logger.SECURITY_FAILURE, "Attempt to set invalid date header name denied", e);
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:15,代码来源:SecurityWrapperResponse.java
示例15: testSize
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
public void testSize() throws Exception {
System.out.println("testSize");
ValidationErrorList vel = new ValidationErrorList();
assertTrue( vel.size() == 0 );
ValidationException vex = createValidationException();
vel.addError("context", vex );
assertTrue( vel.size() == 1 );
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:9,代码来源:ValidationErrorListTest.java
示例16: addIntHeader
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Add an int header to the response after ensuring that there are no
* encoded or illegal characters in the name and name.
* @param name
* @param value
*/
public void addIntHeader(String name, int value) {
try {
String safeName = ESAPI.validator().getValidInput("safeSetDateHeader", name, "HTTPHeaderName", 20, false);
getHttpServletResponse().addIntHeader(safeName, value);
} catch (ValidationException e) {
logger.warning(Logger.SECURITY_FAILURE, "Attempt to set invalid int header name denied", e);
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:15,代码来源:SecurityWrapperResponse.java
示例17: setDateHeader
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Add a date header to the response after ensuring that there are no
* encoded or illegal characters in the name.
* @param name
* @param date
*/
public void setDateHeader(String name, long date) {
try {
String safeName = ESAPI.validator().getValidInput("safeSetDateHeader", name, "HTTPHeaderName", 20, false);
getHttpServletResponse().setDateHeader(safeName, date);
} catch (ValidationException e) {
logger.warning(Logger.SECURITY_FAILURE, "Attempt to set invalid date header name denied", e);
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:15,代码来源:SecurityWrapperResponse.java
示例18: setHeader
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Add a header to the response after ensuring that there are no encoded or
* illegal characters in the name and value. "A recipient MAY replace any
* linear white space with a single SP before interpreting the field value
* or forwarding the message downstream."
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.2
* @param name
* @param value
*/
public void setHeader(String name, String value) {
try {
String strippedName = StringUtilities.stripControls(name);
String strippedValue = StringUtilities.stripControls(value);
String safeName = ESAPI.validator().getValidInput("setHeader", strippedName, "HTTPHeaderName", 20, false);
String safeValue = ESAPI.validator().getValidInput("setHeader", strippedValue, "HTTPHeaderValue", ESAPI.securityConfiguration().getMaxHttpHeaderSize(), false);
getHttpServletResponse().setHeader(safeName, safeValue);
} catch (ValidationException e) {
logger.warning(Logger.SECURITY_FAILURE, "Attempt to set invalid header denied", e);
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:21,代码来源:SecurityWrapperResponse.java
示例19: setIntHeader
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Add an int header to the response after ensuring that there are no
* encoded or illegal characters in the name.
* @param name
* @param value
*/
public void setIntHeader(String name, int value) {
try {
String safeName = ESAPI.validator().getValidInput("safeSetDateHeader", name, "HTTPHeaderName", 20, false);
getHttpServletResponse().setIntHeader(safeName, value);
} catch (ValidationException e) {
logger.warning(Logger.SECURITY_FAILURE, "Attempt to set invalid int header name denied", e);
}
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:15,代码来源:SecurityWrapperResponse.java
示例20: getCookies
import org.owasp.esapi.errors.ValidationException; //导入依赖的package包/类
/**
* Returns the array of Cookies from the HttpServletRequest after
* canonicalizing and filtering out any dangerous characters.
* @return An array of {@code Cookie}s for this {@code HttpServletRequest}
*/
public Cookie[] getCookies() {
Cookie[] cookies = getHttpServletRequest().getCookies();
if (cookies == null) return new Cookie[0];
List<Cookie> newCookies = new ArrayList<Cookie>();
for (Cookie c : cookies) {
// build a new clean cookie
try {
// get data from original cookie
String name = ESAPI.validator().getValidInput("Cookie name: " + c.getName(), c.getName(), "HTTPCookieName", 150, true);
String value = ESAPI.validator().getValidInput("Cookie value: " + c.getValue(), c.getValue(), "HTTPCookieValue", 1000, true);
int maxAge = c.getMaxAge();
String domain = c.getDomain();
String path = c.getPath();
Cookie n = new Cookie(name, value);
n.setMaxAge(maxAge);
if (domain != null) {
n.setDomain(ESAPI.validator().getValidInput("Cookie domain: " + domain, domain, "HTTPHeaderValue", 200, false));
}
if (path != null) {
n.setPath(ESAPI.validator().getValidInput("Cookie path: " + path, path, "HTTPHeaderValue", 200, false));
}
newCookies.add(n);
} catch (ValidationException e) {
logger.warning(Logger.SECURITY_FAILURE, "Skipping bad cookie: " + c.getName() + "=" + c.getValue(), e );
}
}
return newCookies.toArray(new Cookie[newCookies.size()]);
}
开发者ID:abimael93,项目名称:owasp-esapi-java,代码行数:37,代码来源:SecurityWrapperRequest.java
注:本文中的org.owasp.esapi.errors.ValidationException类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论