Package de.hybris.platform.security.impl

Class DefaultXssEncodeService

java.lang.Object

de.hybris.platform.security.impl.DefaultXssEncodeService

All Implemented Interfaces:

XssEncodeService

public class DefaultXssEncodeService
extends java.lang.Object
implements XssEncodeService

Default implementation of XssEncodeService

Constructor Summary

Constructors

Constructor	Description
DefaultXssEncodeService()

Method Summary

Modifier and Type	Method	Description
java.lang.String	encodeHtml(java.lang.String input)	Encodes input HTML to be XSS-safe code

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DefaultXssEncodeService

public DefaultXssEncodeService()

Method Detail

encodeHtml

public java.lang.String encodeHtml(java.lang.String input)

Description copied from interface: XssEncodeService

Encodes input HTML to be XSS-safe code

Specified by:

encodeHtml in interface XssEncodeService

Parameters:

input - untrusted HTML-string to clear it

Returns:

a safe (w/o potential XSS vulnerabilities) representation of the HTML