org.owasp.esapi.waf.internal
Class InterceptingHTTPServletResponse

java.lang.Object
  extended by javax.servlet.ServletResponseWrapper
      extended by javax.servlet.http.HttpServletResponseWrapper
          extended by org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse
All Implemented Interfaces:
javax.servlet.http.HttpServletResponse, javax.servlet.ServletResponse

public class InterceptingHTTPServletResponse
extends javax.servlet.http.HttpServletResponseWrapper

The wrapper for the HttpServletResponse object that is passed to the application being protected by the WAF. It contains logic for the response-building API so that the WAF rules regarding responses can work. Much of the work is delegated to other classes, especially InterceptingServletOutputStream.

Author:
Arshan Dabirsiaghi

Field Summary
 
Fields inherited from interface javax.servlet.http.HttpServletResponse
SC_ACCEPTED, SC_BAD_GATEWAY, SC_BAD_REQUEST, SC_CONFLICT, SC_CONTINUE, SC_CREATED, SC_EXPECTATION_FAILED, SC_FORBIDDEN, SC_FOUND, SC_GATEWAY_TIMEOUT, SC_GONE, SC_HTTP_VERSION_NOT_SUPPORTED, SC_INTERNAL_SERVER_ERROR, SC_LENGTH_REQUIRED, SC_METHOD_NOT_ALLOWED, SC_MOVED_PERMANENTLY, SC_MOVED_TEMPORARILY, SC_MULTIPLE_CHOICES, SC_NO_CONTENT, SC_NON_AUTHORITATIVE_INFORMATION, SC_NOT_ACCEPTABLE, SC_NOT_FOUND, SC_NOT_IMPLEMENTED, SC_NOT_MODIFIED, SC_OK, SC_PARTIAL_CONTENT, SC_PAYMENT_REQUIRED, SC_PRECONDITION_FAILED, SC_PROXY_AUTHENTICATION_REQUIRED, SC_REQUEST_ENTITY_TOO_LARGE, SC_REQUEST_TIMEOUT, SC_REQUEST_URI_TOO_LONG, SC_REQUESTED_RANGE_NOT_SATISFIABLE, SC_RESET_CONTENT, SC_SEE_OTHER, SC_SERVICE_UNAVAILABLE, SC_SWITCHING_PROTOCOLS, SC_TEMPORARY_REDIRECT, SC_UNAUTHORIZED, SC_UNSUPPORTED_MEDIA_TYPE, SC_USE_PROXY
 
Constructor Summary
InterceptingHTTPServletResponse(javax.servlet.http.HttpServletResponse response, boolean buffering, java.util.List<Rule> cookieRules)

Method Summary
void addCookie(javax.servlet.http.Cookie cookie)
void addCookie(javax.servlet.http.Cookie cookie, boolean isSession)
void commit()
void flush()
java.lang.String getContentType()
InterceptingServletOutputStream getInterceptingServletOutputStream()
javax.servlet.ServletOutputStream getOutputStream()
java.io.PrintWriter getWriter()
boolean isUsingWriter()
void setContentType(java.lang.String s)

Methods inherited from class javax.servlet.http.HttpServletResponseWrapper
addDateHeader, addHeader, addIntHeader, containsHeader, encodeRedirectUrl, encodeRedirectURL, encodeUrl, encodeURL, sendError, sendError, sendRedirect, setDateHeader, setHeader, setIntHeader, setStatus, setStatus
 
Methods inherited from class javax.servlet.ServletResponseWrapper
flushBuffer, getBufferSize, getCharacterEncoding, getLocale, getResponse, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setLocale, setResponse
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface javax.servlet.ServletResponse
flushBuffer, getBufferSize, getCharacterEncoding, getLocale, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setLocale
 

Constructor Detail

InterceptingHTTPServletResponse

public InterceptingHTTPServletResponse(javax.servlet.http.HttpServletResponse response,
                                       boolean buffering,
                                       java.util.List<Rule> cookieRules)
                                throws java.io.IOException
Throws:
java.io.IOException

Method Detail

isUsingWriter

public boolean isUsingWriter()

getInterceptingServletOutputStream

public InterceptingServletOutputStream getInterceptingServletOutputStream()

getOutputStream

public javax.servlet.ServletOutputStream getOutputStream()
                                                  throws java.lang.IllegalStateException,
                                                         java.io.IOException
Specified by:
getOutputStream in interface javax.servlet.ServletResponse
Overrides:
getOutputStream in class javax.servlet.ServletResponseWrapper
Throws:
java.lang.IllegalStateException
java.io.IOException

getWriter

public java.io.PrintWriter getWriter()
                              throws java.io.IOException
Specified by:
getWriter in interface javax.servlet.ServletResponse
Overrides:
getWriter in class javax.servlet.ServletResponseWrapper
Throws:
java.io.IOException

getContentType

public java.lang.String getContentType()
Specified by:
getContentType in interface javax.servlet.ServletResponse
Overrides:
getContentType in class javax.servlet.ServletResponseWrapper

setContentType

public void setContentType(java.lang.String s)
Specified by:
setContentType in interface javax.servlet.ServletResponse
Overrides:
setContentType in class javax.servlet.ServletResponseWrapper

flush

public void flush()

commit

public void commit()
            throws java.io.IOException
Throws:
java.io.IOException

addCookie

public void addCookie(javax.servlet.http.Cookie cookie)
Specified by:
addCookie in interface javax.servlet.http.HttpServletResponse
Overrides:
addCookie in class javax.servlet.http.HttpServletResponseWrapper

addCookie

public void addCookie(javax.servlet.http.Cookie cookie,
                      boolean isSession)


Copyright © 2011 The Open Web Application Security Project (OWASP). All Rights Reserved.