Package org.opennms.web.controller
Class RedirectRestricter
- java.lang.Object
-
- org.opennms.web.controller.RedirectRestricter
-
public class RedirectRestricter extends Object
Open redirects are a security issue: https://www.netsparker.com/blog/web-security/open-redirection-vulnerability-information-prevention/ Therefor we need to make sure that we react only on allowed redirects. This class helps validate redirect requests against a whitelist.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classRedirectRestricter.RedirectRestricterBuilder
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static RedirectRestricter.RedirectRestricterBuilderbuilder()StringgetRedirectOrNull(String redirect)Returns the given redirect if allowed, otherwise null.booleanisRedirectAllowed(String redirect)
-
-
-
Method Detail
-
isRedirectAllowed
public boolean isRedirectAllowed(String redirect)
-
getRedirectOrNull
public String getRedirectOrNull(String redirect)
Returns the given redirect if allowed, otherwise null.
-
builder
public static RedirectRestricter.RedirectRestricterBuilder builder()
-
-