SafeParametersInterceptor (Atlassian XWork 1.13-beta1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.atlassian.xwork.interceptors
Class SafeParametersInterceptor

java.lang.Object
  com.opensymphony.xwork.interceptor.AroundInterceptor
      com.atlassian.xwork.interceptors.SafeParametersInterceptor

All Implemented Interfaces:: com.opensymphony.xwork.interceptor.Interceptor, Serializable

Direct Known Subclasses:: SafeParametersInterceptor, SafeParametersInterceptor

public abstract class SafeParametersInterceptor
extends com.opensymphony.xwork.interceptor.AroundInterceptor
extends com.opensymphony.xwork.interceptor.AroundInterceptor

Injects submitted form parameters into action properties. This implementation performs white-list based sanity checks on incoming parameters before allowing OGNL to perform any potentially dangerous operations on an action, closing off an entire category of parameter injection attacks.

Parameters that set a value on an action directly will be allowed as will index-based setters for collections of values. However:

To defend against possible OGNL vulnerabilities (especially Unicode attacks), parameter names will be filtered so only ascii alphanumeric characters (plus the underscore, square brackets and apostrophes) are permitted
If the dot-notation is used to access some property on an action (i.e. a parameter called "search.query") the type returned from the getter (getSearch()) MUST have the @ParameterSafe annotation for the parameter to be accepted, or the getter method must have the @ParameterSafe annotation
If the map-notation is used to access some property on an action (i.e. a parameter called "map['key']") the getter method must have the @ParameterSafe annotation

These last two checks (@ParameterSafe checks for dot- and map-notation) can be skipped by setting disableAnnotationChecks. When disabled this interceptor still prevents Unicode-attacks (amoungst other things) but allows dot/map traversal of any POJO retrievable from an action. To disable, use a param e.g.

  <interceptor name="params" class="com.atlassian.xwork12.interceptors.SafeParametersInterceptor">
     <param name="disableAnnotationChecks">true</param>
  </interceptor>

See Also:: Serialized Form

Field Summary
`static org.apache.log4j.Logger`	`log`

Constructor Summary
`protected`	`SafeParametersInterceptor(XWorkVersionSupport versionSupport)`

Method Summary
`protected void`	`after(com.opensymphony.xwork.ActionInvocation dispatcher, String result)`
`protected void`	`before(com.opensymphony.xwork.ActionInvocation invocation)`
`void`	`setDisableAnnotationChecks(boolean disableAnnotationChecks)`
`protected boolean`	`shouldNotIntercept(com.opensymphony.xwork.ActionInvocation actionInvocation)` The implementation of this method should evalutate if the passed in actionInvocation.getAction() is of a type `NoParameters` if it is, we should not bother intercepting.

Methods inherited from class com.opensymphony.xwork.interceptor.AroundInterceptor
`destroy, init, intercept`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

log

public static final org.apache.log4j.Logger log

Constructor Detail