public class DefaultAttachmentSafeContentHeaderGuesser extends Object implements SafeContentHeaderGuesser
| Constructor and Description | 
|---|
| DefaultAttachmentSafeContentHeaderGuesser() | 
| Modifier and Type | Method and Description | 
|---|---|
| Map<String,String> | computeAttachmentHeaders(InputStream contents,
                        String contentType,
                        String name,
                        String userAgent,
                        long contentLength,
                        boolean hasXsrfToken,
                        Map<String,String> httpQueryParams)Deprecated.  | 
| Map<String,String> | computeAttachmentHeaders(String contentType,
                        InputStream contents,
                        String name,
                        String userAgent,
                        long contentLength,
                        boolean hasXsrfToken,
                        Map<String,String[]> httpQueryParams)Returns a map of headers with their values. | 
| Map<String,String> | computeAttachmentHeaders(String contentType,
                        String name,
                        String userAgent,
                        long contentLength,
                        boolean hasXsrfToken,
                        Map<String,String> httpQueryParams)Deprecated.  | 
| void | setContentTypeAndDispositionHeaderBlacklist(com.atlassian.http.mime.ContentDispositionHeaderGuesser contentTypeAndDispositionHeaderBlacklist) | 
| void | setMimeTypeTranslator(AttachmentMimeTypeTranslator mimeTypeTranslator) | 
public DefaultAttachmentSafeContentHeaderGuesser()
public Map<String,String> computeAttachmentHeaders(String contentType, InputStream contents, String name, String userAgent, long contentLength, boolean hasXsrfToken, Map<String,String[]> httpQueryParams) throws IOException
SafeContentHeaderGuesserThe purpose of this method is to guess a safe content type header (and associated content-disposition headers), so that it is difficult to perform xss using attachments.
computeAttachmentHeaders in interface SafeContentHeaderGuessercontentType - the existing content-type that the attachment has.contents - attachment contentsname - the filename of the attachmentuserAgent - the user agent of the client requesting the attachmentcontentLength - the length of the attachmenthttpQueryParams - a map of the http query parametersIOException - if the attachments contents could not be read@Deprecated public Map<String,String> computeAttachmentHeaders(InputStream contents, String contentType, String name, String userAgent, long contentLength, boolean hasXsrfToken, Map<String,String> httpQueryParams)
SafeContentHeaderGuesserThe purpose of this method is to guess a safe content type header (and associated content-disposition headers), so that it is difficult to perform xss using attachments.
computeAttachmentHeaders in interface SafeContentHeaderGuessercontents - attachment contentscontentType - the existing content-type that the attachment has.name - the filename of the attachmentuserAgent - the user agent of the client requesting the attachmentcontentLength - the length of the attachmenthttpQueryParams - a map of the http query parameters.@Deprecated public Map<String,String> computeAttachmentHeaders(String contentType, String name, String userAgent, long contentLength, boolean hasXsrfToken, Map<String,String> httpQueryParams)
SafeContentHeaderGuesserThe purpose of this method is to guess a safe content type header (and associated content-disposition headers), so that it is difficult to perform xss using attachments.
computeAttachmentHeaders in interface SafeContentHeaderGuessercontentType - the existing content-type that the attachment has.name - the filename of the attachmentuserAgent - the user agent of the client requesting the attachmentcontentLength - the length of the attachmenthttpQueryParams - a map of the http query parameters.public void setMimeTypeTranslator(AttachmentMimeTypeTranslator mimeTypeTranslator)
public void setContentTypeAndDispositionHeaderBlacklist(com.atlassian.http.mime.ContentDispositionHeaderGuesser contentTypeAndDispositionHeaderBlacklist)
Copyright © 2003–2018 Atlassian. All rights reserved.