com.google.common.html.types

Class SafeScript

java.lang.Object

com.google.common.html.types.SafeScript

@Immutable
 @JsType
public final class SafeScript
extends Object

A string-like object which represents JavaScript code and that carries the security type contract that its value, as a string, will not cause execution of unconstrained attacker controlled code (XSS) when evaluated as JavaScript in a browser. A SafeScript's string representation (getSafeScriptString()) can safely be interpolated as the content of a script element within HTML. The SafeScript string should not be escaped before interpolation. Note that the SafeScript might contain text that is attacker-controlled but that text should have been interpolated with appropriate escaping, sanitization and/or validation into the right location in the script, such that it is highly constrained in its effect (for example, it had to match a set of whitelisted words). A SafeScript can be constructed via security-reviewed unchecked conversions. In this case producers of SafeScript must ensure themselves that the SafeScript does not contain unsafe script. Note in particular that < is dangerous, even when inside JavaScript strings, and so should always be forbidden or JavaScript escaped in user controlled input. For example, if </script><script>evil</script>" were interpolated inside a JavaScript string, it would break out of the context of the original script element and evil would execute. Also note that within an HTML script (raw text) element, HTML character references, such as <, are not allowed. See http://www.w3.org/TR/html5/scripting-1.html#restrictions-for-contents-of-script-elements.

Field Summary

Fields

Modifier and Type	Field and Description
static SafeScript	EMPTY The SafeScript wrapping an empty string.

Method Summary

Modifier and Type	Method and Description
boolean	equals(Object other)
String	getSafeScriptString() Returns this value's underlying string.
int	hashCode()
String	toString() Returns a debug representation of this value's underlying string, NOT the string representation of the SafeScript.

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

EMPTY

public static final SafeScript EMPTY

The SafeScript wrapping an empty string.

Method Detail

hashCode

public int hashCode()

Overrides:

hashCode in class Object

equals

public boolean equals(Object other)

Overrides:

equals in class Object

toString

public String toString()

Returns a debug representation of this value's underlying string, NOT the string representation of the SafeScript.

Having toString() return a debug representation is intentional. This type has a GWT-compiled JavaScript version; JavaScript has no static typing and a distinct method method name provides a modicum of type-safety.

Overrides:

toString in class Object

See Also:

getSafeScriptString()

getSafeScriptString

public String getSafeScriptString()

Returns this value's underlying string. See class documentation for what guarantees exist on the returned string.