Package org.apache.tomcat.util.http
Class RequestUtil
java.lang.Object
org.apache.tomcat.util.http.RequestUtil
-
Method Summary
Modifier and TypeMethodDescriptionstatic boolean
isSameOrigin
(HttpServletRequest request, String origin) static boolean
isValidOrigin
(String origin) Checks if a given origin is valid or not.static String
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it.static String
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it.
-
Method Details
-
normalize
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.- Parameters:
path
- Relative path to be normalized- Returns:
- The normalized path or
null
if the path cannot be normalized
-
normalize
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.- Parameters:
path
- Relative path to be normalizedreplaceBackSlash
- Should '\\' be replaced with '/'- Returns:
- The normalized path or
null
if the path cannot be normalized
-
isSameOrigin
-
isValidOrigin
Checks if a given origin is valid or not. Criteria:- If an encoded character is present in origin, it's not valid.
- If origin is "null", it's valid.
- Origin should be a valid
URI
- Parameters:
origin
- The origin URI- Returns:
true
if the origin was valid- See Also:
-