com.google.gwt.safehtml.shared.UriUtils
|
GWT 2.3.0 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public final class UriUtils
Utility class containing static methods for validating and sanitizing URIs.
| Method Summary | |
|---|---|
static java.lang.String |
extractScheme(java.lang.String uri)
Extracts the scheme of a URI. |
static boolean |
isSafeUri(java.lang.String uri)
Determines if a String is safe to use as the value of a URI-valued
HTML attribute such as src or href. |
static java.lang.String |
sanitizeUri(java.lang.String uri)
Sanitizes a URI. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Method Detail |
|---|
public static java.lang.String extractScheme(java.lang.String uri)
uri - the URI to extract the scheme from
null if the URI does not have onepublic static boolean isSafeUri(java.lang.String uri)
String is safe to use as the value of a URI-valued
HTML attribute such as src or href.
In this context, a URI is safe if it can be established that using it as
the value of a URI-valued HTML attribute such as src or href cannot result in script execution. Specifically, this method deems a
URI safe if it either does not have a scheme, or its scheme is one of
http, https, ftp, mailto.
uri - the URI to validate
true if uri is safe in the above sense; false otherwisepublic static java.lang.String sanitizeUri(java.lang.String uri)
This method returns the URI provided if it is safe to use as the the value
of a URI-valued HTML attribute according to isSafeUri(java.lang.String), or the URI
"#" otherwise.
uri - the URI to sanitize
|
GWT 2.3.0 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||