com.liferay.portal.kernel.servlet

Class SanitizedServletResponse

Object

javax.servlet.ServletResponseWrapper

javax.servlet.http.HttpServletResponseWrapper

com.liferay.portal.kernel.servlet.SanitizedServletResponse

All Implemented Interfaces:

javax.servlet.http.HttpServletResponse, javax.servlet.ServletResponse

public class SanitizedServletResponse
extends javax.servlet.http.HttpServletResponseWrapper

Author:

László Csontos, Shuyang Zhou, Tomas Polesovsky

Field Summary

Fields inherited from interface javax.servlet.http.HttpServletResponse

SC_ACCEPTED, SC_BAD_GATEWAY, SC_BAD_REQUEST, SC_CONFLICT, SC_CONTINUE, SC_CREATED, SC_EXPECTATION_FAILED, SC_FORBIDDEN, SC_FOUND, SC_GATEWAY_TIMEOUT, SC_GONE, SC_HTTP_VERSION_NOT_SUPPORTED, SC_INTERNAL_SERVER_ERROR, SC_LENGTH_REQUIRED, SC_METHOD_NOT_ALLOWED, SC_MOVED_PERMANENTLY, SC_MOVED_TEMPORARILY, SC_MULTIPLE_CHOICES, SC_NO_CONTENT, SC_NON_AUTHORITATIVE_INFORMATION, SC_NOT_ACCEPTABLE, SC_NOT_FOUND, SC_NOT_IMPLEMENTED, SC_NOT_MODIFIED, SC_OK, SC_PARTIAL_CONTENT, SC_PAYMENT_REQUIRED, SC_PRECONDITION_FAILED, SC_PROXY_AUTHENTICATION_REQUIRED, SC_REQUEST_ENTITY_TOO_LARGE, SC_REQUEST_TIMEOUT, SC_REQUEST_URI_TOO_LONG, SC_REQUESTED_RANGE_NOT_SATISFIABLE, SC_RESET_CONTENT, SC_SEE_OTHER, SC_SERVICE_UNAVAILABLE, SC_SWITCHING_PROTOCOLS, SC_TEMPORARY_REDIRECT, SC_UNAUTHORIZED, SC_UNSUPPORTED_MEDIA_TYPE, SC_USE_PROXY

Method Summary

Modifier and Type	Method and Description
void	addHeader(String name, String value)
static void	disableXSSAuditor(javax.servlet.http.HttpServletResponse response)
static void	disableXSSAuditor(PortletResponse portletResponse)
static void	disableXSSAuditorOnNextRequest(javax.servlet.http.HttpServletRequest request)
static void	disableXSSAuditorOnNextRequest(PortletRequest portletRequest)
static javax.servlet.http.HttpServletResponse	getSanitizedServletResponse(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
void	sendRedirect(String location)
void	setCharacterEncoding(String charset)
void	setContentType(String type)
void	setHeader(String name, String value)
protected static void	setXContentOptions(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected static void	setXFrameOptions(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected static void	setXXSSProtection(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)

Methods inherited from class javax.servlet.http.HttpServletResponseWrapper

addCookie, addDateHeader, addIntHeader, containsHeader, encodeRedirectUrl, encodeRedirectURL, encodeUrl, encodeURL, getHeader, getHeaderNames, getHeaders, getStatus, sendError, sendError, setDateHeader, setIntHeader, setStatus, setStatus

Methods inherited from class javax.servlet.ServletResponseWrapper

flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getOutputStream, getResponse, getWriter, isCommitted, isWrapperFor, isWrapperFor, reset, resetBuffer, setBufferSize, setContentLength, setLocale, setResponse

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.servlet.ServletResponse

flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getOutputStream, getWriter, isCommitted, reset, resetBuffer, setBufferSize, setContentLength, setLocale

Method Detail

disableXSSAuditor

public static void disableXSSAuditor(javax.servlet.http.HttpServletResponse response)

disableXSSAuditor

public static void disableXSSAuditor(PortletResponse portletResponse)

disableXSSAuditorOnNextRequest

public static void disableXSSAuditorOnNextRequest(javax.servlet.http.HttpServletRequest request)

disableXSSAuditorOnNextRequest

public static void disableXSSAuditorOnNextRequest(PortletRequest portletRequest)

getSanitizedServletResponse

public static javax.servlet.http.HttpServletResponse getSanitizedServletResponse(javax.servlet.http.HttpServletRequest request,
                                                                                 javax.servlet.http.HttpServletResponse response)

addHeader

public void addHeader(String name,
                      String value)

Specified by:

addHeader in interface javax.servlet.http.HttpServletResponse

Overrides:

addHeader in class javax.servlet.http.HttpServletResponseWrapper

sendRedirect

public void sendRedirect(String location)
                  throws IOException

Specified by:

sendRedirect in interface javax.servlet.http.HttpServletResponse

Overrides:

sendRedirect in class javax.servlet.http.HttpServletResponseWrapper

Throws:

IOException

setCharacterEncoding

public void setCharacterEncoding(String charset)

Specified by:

setCharacterEncoding in interface javax.servlet.ServletResponse

Overrides:

setCharacterEncoding in class javax.servlet.ServletResponseWrapper

setContentType

public void setContentType(String type)

Specified by:

setContentType in interface javax.servlet.ServletResponse

Overrides:

setContentType in class javax.servlet.ServletResponseWrapper

setHeader

public void setHeader(String name,
                      String value)

Specified by:

setHeader in interface javax.servlet.http.HttpServletResponse

Overrides:

setHeader in class javax.servlet.http.HttpServletResponseWrapper

setXContentOptions

protected static void setXContentOptions(javax.servlet.http.HttpServletRequest request,
                                         javax.servlet.http.HttpServletResponse response)

setXFrameOptions

protected static void setXFrameOptions(javax.servlet.http.HttpServletRequest request,
                                       javax.servlet.http.HttpServletResponse response)

setXXSSProtection

protected static void setXXSSProtection(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response)