Package com.skava.orchestration.strategy

Class HeaderSanitization

java.lang.Object
com.skava.orchestration.strategy.HeaderSanitization
All Implemented Interfaces:
jakarta.servlet.Filter
@WebFilter("/*") @Component public class HeaderSanitization extends Object implements jakarta.servlet.Filter
Clean up the headers that are returned to a HTTP client by a Camel route.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    DEFAULT_LOCALE
    The Constant DEFAULT_LOCALE.
    static final String
    KEY_LOCALE
    locale keyword.

  • Constructor Summary

    Constructors
    Constructor
    Description
    HeaderSanitization()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    checkProtocol(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response)
    Checks if the request uses the HTTPS protocol and if the protocol is supported.
    void
    destroy()
    Destroy.
    void
    doFilter(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response, jakarta.servlet.FilterChain chain)
    Do filter.
    void
    init(jakarta.servlet.FilterConfig filterConfig)
    Inits the.
    static String
    stripXSS(String value)
    Strips any potential XSS threats out of the value excluding the white listed HTML.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • HeaderSanitization

      public HeaderSanitization()

  • Method Details

    • init

      public void init(jakarta.servlet.FilterConfig filterConfig) throws jakarta.servlet.ServletException
      Inits the.
      Specified by:
      init in interface jakarta.servlet.Filter
      Parameters:
      filterConfig - the filter config
      Throws:
      jakarta.servlet.ServletException - the servlet exception

    • doFilter

      public void doFilter(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response, jakarta.servlet.FilterChain chain) throws IOException, jakarta.servlet.ServletException
      Do filter.
      Specified by:
      doFilter in interface jakarta.servlet.Filter
      Parameters:
      request - the request
      response - the response
      chain - the chain
      Throws:
      IOException - Signals that an I/O exception has occurred.
      jakarta.servlet.ServletException - the servlet exception

    • checkProtocol

      public void checkProtocol(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response) throws IOException
      Checks if the request uses the HTTPS protocol and if the protocol is supported.
      Parameters:
      request - the HttpServletRequest object
      response - the HttpServletResponse object
      Throws:
      IOException - if an input or output exception occurs

    • destroy

      public void destroy()
      Destroy.
      Specified by:
      destroy in interface jakarta.servlet.Filter

    • stripXSS

      public static String stripXSS(String value)
      Strips any potential XSS threats out of the value excluding the white listed HTML.
      Parameters:
      value - Indicates a string value for encoding.
      Returns:
      Returns the the ESAPI library value to avoid encoded attacks.