Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.owasp.esapi.waf.internal
Class InterceptingServletOutputStream

java.lang.Object
  extended by java.io.OutputStream
      extended by javax.servlet.ServletOutputStream
          extended by org.owasp.esapi.waf.internal.InterceptingServletOutputStream
All Implemented Interfaces:
Closeable, Flushable
public class InterceptingServletOutputStream
extends javax.servlet.ServletOutputStream

This class was inspired by ModSecurity for Java by Ivan Ristic. We hook the response stream and queue up all outbound data so that we can apply egress rules. For efficiency, we decide off the bat if we need to buffer responses to accomplish any of the rules in the policy file. If not, we just forward everything through, otherwise we write data to our byte stream that we will eventually forward en totale to the user agent.

Author:
Arshan Dabirsiaghi

Constructor Summary
InterceptingServletOutputStream(javax.servlet.ServletOutputStream os, boolean buffered)
           
 
Method Summary
 void close()
           
 void commit()
           
 void flush()
           
 byte[] getResponseBytes()
           
 void reset()
           
 void setResponseBytes(byte[] responseBytes)
           
 void write(byte[] b)
           
 void write(byte[] b, int off, int len)
           
 void write(int i)
           
 
Methods inherited from class javax.servlet.ServletOutputStream
print, print, print, print, print, print, print, println, println, println, println, println, println, println, println
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

InterceptingServletOutputStream

public InterceptingServletOutputStream(javax.servlet.ServletOutputStream os,
                                       boolean buffered)
                                throws FileNotFoundException,
                                       IOException
Throws:
FileNotFoundException
IOException
Method Detail

reset

public void reset()
           throws IOException
Throws:
IOException

getResponseBytes

public byte[] getResponseBytes()
                        throws IOException
Throws:
IOException

setResponseBytes

public void setResponseBytes(byte[] responseBytes)
                      throws IOException
Throws:
IOException

write

public void write(int i)
           throws IOException
Specified by:
write in class OutputStream
Throws:
IOException

write

public void write(byte[] b)
           throws IOException
Overrides:
write in class OutputStream
Throws:
IOException

write

public void write(byte[] b,
                  int off,
                  int len)
           throws IOException
Overrides:
write in class OutputStream
Throws:
IOException

flush

public void flush()
           throws IOException
Specified by:
flush in interface Flushable
Overrides:
flush in class OutputStream
Throws:
IOException

commit

public void commit()
            throws IOException
Throws:
IOException

close

public void close()
           throws IOException
Specified by:
close in interface Closeable
Overrides:
close in class OutputStream
Throws:
IOException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2013 The Open Web Application Security Project (OWASP). All Rights Reserved.