Package org.apache.tomcat.util.http

Class RequestUtil

java.lang.Object
org.apache.tomcat.util.http.RequestUtil
public class RequestUtil extends Object

  • Method Details

    • normalize

      public static String normalize(String path)
      Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.
      Parameters:
      path - Relative path to be normalized
      Returns:
      The normalized path or null if the path cannot be normalized

    • normalize

      public static String normalize(String path, boolean replaceBackSlash)
      Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.
      Parameters:
      path - Relative path to be normalized
      replaceBackSlash - Should '\\' be replaced with '/'
      Returns:
      The normalized path or null if the path cannot be normalized

    • isSameOrigin

      public static boolean isSameOrigin(HttpServletRequest request, String origin)

    • isValidOrigin

      public static boolean isValidOrigin(String origin)
      Checks if a given origin is valid or not. Criteria:
      • If an encoded character is present in origin, it's not valid.
      • If origin is "null", it's valid.
      • Origin should be a valid URI
      Parameters:
      origin - The origin URI
      Returns:
      true if the origin was valid
      See Also: