Package fr.gouv.vitam.common.security
Class SanityChecker
java.lang.Object
fr.gouv.vitam.common.security.SanityChecker
Checker for Sanity of XML, Json and JsonL (json-lines)
Json : check if json is not exceed the limit size, if json does not contain script tag
XML: check if XML file is not exceed the limit size, and it does not contain CDATA, ENTITY or SCRIPT tag
Json : check if json is not exceed the limit size, if json does not contain script tag
XML: check if XML file is not exceed the limit size, and it does not contain CDATA, ENTITY or SCRIPT tag
-
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptionstatic voidcheckHeaders(javax.ws.rs.core.HttpHeaders headers) checkHeaders : Check sanity of Headers: no javascript/xml tag, neither html tagstatic voidcheckHeadersMap(javax.ws.rs.core.MultivaluedMap<String, String> requestHeaders) Checks sanity of Headers: no javascript/xml tag, neither html tagstatic voidcheckHTMLFile(File file) checkHTMLFile : Check if the file contains HTML contentstatic voidcheckJsonAll(com.fasterxml.jackson.databind.JsonNode json) checkJsonAll : Check sanity of json : size, invalid tagstatic voidcheckJsonAll(String json) checkJsonAll : Check sanity of json : size, invalid tagstatic voidcheckJsonFile(File jsonlFile) static voidcheckJsonLines(File jsonlFile) protected static voidcheckJsonSanity(com.fasterxml.jackson.databind.JsonNode json) checkJsonSanity : check sanity of json and find invalid keystatic voidcheckParameter(String... params) checkParameter : Check sanity of String: no javascript/xml tag, neither html tagstatic voidcheckUriParametersMap(javax.ws.rs.core.MultivaluedMap<String, String> uriParameters) Checks sanity of Headers: no javascript/xml tag, neither html tagstatic voidcheckXmlAll(File xmlFile) checkXMLAll : check xml sanity all aspect : size, tag size, invalid tagprotected static voidcheckXmlSanityFileSize(File xmlFile) CheckXMLSanityFileSize : check size of xml fileprotected static voidcheckXmlSanityTags(File xmlFile) CheckXMLSanityTags : check invalid tag contains of a xml fileprotected static voidcheckXmlSanityTagValueSize(File xmlFile) check XML Sanity Tag and Value Sizestatic intstatic longstatic longstatic intstatic StringsanitizeJson(com.fasterxml.jackson.databind.JsonNode json) Sabitize the jsonstatic voidsetLimitFieldSize(int limitFieldSize) static voidsetLimitFileSize(long limitFileSize) static voidsetLimitJsonSize(long limitJsonSize) static voidsetLimitParamSize(int limitParamSize)
-
Field Details
-
HTTP_PARAMETER_VALUE
- See Also:
-
HTTP_PERSISTENT_ID_PARAMETER_VALUE
- See Also:
-
-
Method Details
-
checkXmlAll
checkXMLAll : check xml sanity all aspect : size, tag size, invalid tag- Parameters:
xmlFile- as File- Throws:
InvalidParseOperationException- when parse file errorIOException- when read file errorInvalidParseOperationException- when Sanity Check is in error
-
sanitizeJson
public static String sanitizeJson(com.fasterxml.jackson.databind.JsonNode json) throws InvalidParseOperationException Sabitize the json- Parameters:
json-- Returns:
- sanitized json as String
- Throws:
InvalidParseOperationException
-
checkJsonAll
public static void checkJsonAll(com.fasterxml.jackson.databind.JsonNode json) throws InvalidParseOperationException checkJsonAll : Check sanity of json : size, invalid tag- Parameters:
json- as JsonNode- Throws:
InvalidParseOperationException- when Sanity Check is in error
-
checkJsonLines
public static void checkJsonLines(File jsonlFile) throws IOException, InvalidParseOperationException -
checkJsonFile
-
checkJsonAll
checkJsonAll : Check sanity of json : size, invalid tag- Parameters:
json- as String- Throws:
InvalidParseOperationException- when Sanity Check is in error
-
checkParameter
checkParameter : Check sanity of String: no javascript/xml tag, neither html tag- Parameters:
params-- Throws:
InvalidParseOperationException
-
checkHTMLFile
checkHTMLFile : Check if the file contains HTML content- Parameters:
file-- Throws:
InvalidParseOperationExceptionIOException
-
checkHeaders
public static void checkHeaders(javax.ws.rs.core.HttpHeaders headers) throws InvalidParseOperationException checkHeaders : Check sanity of Headers: no javascript/xml tag, neither html tag- Parameters:
headers-- Throws:
InvalidParseOperationException
-
checkHeadersMap
public static void checkHeadersMap(javax.ws.rs.core.MultivaluedMap<String, String> requestHeaders) throws InvalidParseOperationExceptionChecks sanity of Headers: no javascript/xml tag, neither html tag- Parameters:
requestHeaders-- Throws:
InvalidParseOperationException
-
checkUriParametersMap
public static void checkUriParametersMap(javax.ws.rs.core.MultivaluedMap<String, String> uriParameters) throws InvalidParseOperationExceptionChecks sanity of Headers: no javascript/xml tag, neither html tag- Parameters:
uriParameters-- Throws:
InvalidParseOperationException
-
checkXmlSanityTagValueSize
protected static void checkXmlSanityTagValueSize(File xmlFile) throws InvalidParseOperationException, IOException check XML Sanity Tag and Value Size- Parameters:
xmlFile- xml file- Throws:
IOException- when read file errorInvalidParseOperationException- when Sanity Check is in error
-
checkXmlSanityFileSize
CheckXMLSanityFileSize : check size of xml file- Parameters:
xmlFile- as File- Throws:
IOException- when read file exceptionInvalidParseOperationException- when Sanity Check is in error
-
checkXmlSanityTags
protected static void checkXmlSanityTags(File xmlFile) throws InvalidParseOperationException, IOException CheckXMLSanityTags : check invalid tag contains of a xml file- Parameters:
xmlFile- : XML file path as String- Throws:
IOException- when read file errorInvalidParseOperationException- when Sanity Check is in error
-
checkJsonSanity
protected static void checkJsonSanity(com.fasterxml.jackson.databind.JsonNode json) throws InvalidParseOperationException checkJsonSanity : check sanity of json and find invalid key- Parameters:
json- as JsonNode- Throws:
InvalidParseOperationException- when Sanity Check is in error
-
getLimitFileSize
public static long getLimitFileSize()- Returns:
- the limit File Size (XML or JSON)
-
setLimitFileSize
public static void setLimitFileSize(long limitFileSize) - Parameters:
limitFileSize- the limit File Size to set (XML or JSON)
-
getLimitJsonSize
public static long getLimitJsonSize()- Returns:
- the limit Size of a Json
-
setLimitJsonSize
public static void setLimitJsonSize(long limitJsonSize) - Parameters:
limitJsonSize- the limit Size of a Json to set
-
getLimitFieldSize
public static int getLimitFieldSize()- Returns:
- the limit Size of a Field in a Json
-
setLimitFieldSize
public static void setLimitFieldSize(int limitFieldSize) - Parameters:
limitFieldSize- the limit Size of a Field in a Json to set
-
getLimitParamSize
public static int getLimitParamSize()- Returns:
- the limit Size of a parameter
-
setLimitParamSize
public static void setLimitParamSize(int limitParamSize) - Parameters:
limitParamSize- the limit Size of a parameter to set
-