Package com.microstrategy.utils
Class URLWhiteListHelper
- java.lang.Object
-
- com.microstrategy.utils.URLWhiteListHelper
-
public class URLWhiteListHelper extends java.lang.Object
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static boolean
isSameOrigin(java.net.URI uri, javax.servlet.http.HttpServletRequest request)
Validates the URL string is same origin as request.static boolean
isValidDomains(java.net.URI uri)
Validates the uri has a valid domain through whitelist.static boolean
isValidProtocol(java.net.URI uri)
Validates the uri has a valid protocol through whitelist.static boolean
isValidRedirect(java.lang.String location, javax.servlet.http.HttpServletRequest request)
Validates the URL string is a valid redirect URL.
-
-
-
Method Detail
-
isValidDomains
public static boolean isValidDomains(java.net.URI uri)
Validates the uri has a valid domain through whitelist.- Parameters:
uri
- a URI representing a uri- Returns:
- true if RedirectResponseFilter is commented out in WEB-INF\web.xml or domains equals "*" or domains contains uri' host or *.uri or uri is a relative uri.
-
isValidProtocol
public static boolean isValidProtocol(java.net.URI uri)
Validates the uri has a valid protocol through whitelist.- Parameters:
uri
- a URI representing a uri- Returns:
- true if RedirectResponseFilter is commented out in WEB-INF\web.xml or allowedProtocols equals "*" or allowedProtocols contains uri's scheme or uri is a relative uri.
-
isSameOrigin
public static boolean isSameOrigin(java.net.URI uri, javax.servlet.http.HttpServletRequest request)
Validates the URL string is same origin as request.- Parameters:
uri
- a URI representing a URLrequest
- the HttpServletRequest representing the request- Returns:
- true if the redirect URL has the same protocol and same domain as request at the same time.
-
isValidRedirect
public static boolean isValidRedirect(java.lang.String location, javax.servlet.http.HttpServletRequest request)
Validates the URL string is a valid redirect URL.- Parameters:
location
- a String representing a URLrequest
- a HttpServletRequest representing the http request- Returns:
- true if disable whitelist in web.xml or enable whitelist and it has valid protocol and valid domain or the redirect URL is same origin as request or uri is a relative uri.
-
-