Package org.opennms.web.controller
Class RedirectRestricter
- java.lang.Object
-
- org.opennms.web.controller.RedirectRestricter
-
public class RedirectRestricter extends java.lang.Object
Open redirects are a security issue: https://www.netsparker.com/blog/web-security/open-redirection-vulnerability-information-prevention/ Therefor we need to make sure that we react only on allowed redirects. This class helps validate redirect requests against a whitelist.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
RedirectRestricter.RedirectRestricterBuilder
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static RedirectRestricter.RedirectRestricterBuilder
builder()
java.lang.String
getRedirectOrNull(java.lang.String redirect)
Returns the given redirect if allowed, otherwise null.boolean
isRedirectAllowed(java.lang.String redirect)
-
-
-
Method Detail
-
isRedirectAllowed
public boolean isRedirectAllowed(java.lang.String redirect)
-
getRedirectOrNull
public java.lang.String getRedirectOrNull(java.lang.String redirect)
Returns the given redirect if allowed, otherwise null.
-
builder
public static RedirectRestricter.RedirectRestricterBuilder builder()
-
-