org.apache.tomcat.util.http
Class HttpMessages
java.lang.Object
org.apache.tomcat.util.http.HttpMessages
public class HttpMessages
- extends java.lang.Object
Handle (internationalized) HTTP messages.
- Author:
- James Duncan Davidson [duncan@eng.sun.com], James Todd [gonzo@eng.sun.com], Jason Hunter [jch@eng.sun.com], Harish Prabandham, costin@eng.sun.com
Method Summary |
static java.lang.String |
filter(java.lang.String message)
Filter the specified message string for characters that are sensitive
in HTML. |
static java.lang.String |
getMessage(int status)
Get the status string associated with a status code. |
static boolean |
isSafeInHttpHeader(java.lang.String msg)
Is the provided message safe to use in an HTTP header. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
sm
protected static StringManager sm
HttpMessages
public HttpMessages()
getMessage
public static java.lang.String getMessage(int status)
- Get the status string associated with a status code.
No I18N - return the messages defined in the HTTP spec.
( the user isn't supposed to see them, this is the last
thing to translate)
Common messages are cached.
filter
public static java.lang.String filter(java.lang.String message)
- Filter the specified message string for characters that are sensitive
in HTML. This avoids potential attacks caused by including JavaScript
codes in the request URL that is often reported in error messages.
- Parameters:
message
- The message string to be filtered
isSafeInHttpHeader
public static boolean isSafeInHttpHeader(java.lang.String msg)
- Is the provided message safe to use in an HTTP header. Safe messages must
meet the requirements of RFC2616 - i.e. must consist only of TEXT.
- Parameters:
msg
- The message to test
- Returns:
true
if the message is safe to use in an HTTP
header else false
Copyright © 2000-2017 Apache Software Foundation. All Rights Reserved.