com.atlassian.jira.web.action
Class RedirectSanitiserStub
java.lang.Object
com.atlassian.jira.web.action.RedirectSanitiserStub
- All Implemented Interfaces:
- RedirectSanitiser
public class RedirectSanitiserStub
- extends Object
- implements RedirectSanitiser
Stub for use in unit tests.
- Since:
- v5.1.5
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
RedirectSanitiserStub
public RedirectSanitiserStub()
makeSafeRedirectUrl
public String makeSafeRedirectUrl(@Nullable
String redirectUrl)
- Description copied from interface:
RedirectSanitiser
- Constructs a safe redirect URL out of user-provided input. This means checking that the URL has an HTTP or
HTTPS scheme, and that it does not redirect to a different domain (i.e. not JIRA). If the
redirectUrl
does not meet these conditions, this method returns null.
This is used to prevent Open redirect attacks, which
facilitate phishing attacks against JIRA users.
- Specified by:
makeSafeRedirectUrl
in interface RedirectSanitiser
- Parameters:
redirectUrl
- a String containing the redirect URL
- Returns:
- The
redirectUrl
parameter.
Copyright © 2002-2012 Atlassian. All Rights Reserved.