com.atlassian.jira.web.action
Class RedirectSanitiserStub

java.lang.Object
  extended by com.atlassian.jira.web.action.RedirectSanitiserStub
All Implemented Interfaces:
RedirectSanitiser

public class RedirectSanitiserStub
extends Object
implements RedirectSanitiser

Stub for use in unit tests.

Since:
v5.1.5

Constructor Summary
RedirectSanitiserStub()

Method Summary
 String makeSafeRedirectUrl(String redirectUrl)
          Constructs a safe redirect URL out of user-provided input.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

RedirectSanitiserStub

public RedirectSanitiserStub()
Method Detail

makeSafeRedirectUrl

public String makeSafeRedirectUrl(@Nullable String redirectUrl)
Description copied from interface: RedirectSanitiser
Constructs a safe redirect URL out of user-provided input. This means checking that the URL has an HTTP or HTTPS scheme, and that it does not redirect to a different domain (i.e. not JIRA). If the redirectUrl does not meet these conditions, this method returns null.

This is used to prevent open redirect attacks, which facilitate phishing attacks against JIRA users.

Specified by:
makeSafeRedirectUrl in interface RedirectSanitiser
Parameters:
redirectUrl - a String containing the redirect URL
Returns:
The redirectUrl parameter.
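
The contract described above (HTTP or HTTPS scheme, same domain, otherwise null) next to the stub's pass-through behaviour, as an added example that is not Atlassian's code. The local RedirectSanitiser interface, the SameHostRedirectSanitiser class, the jira.example.com base URL and the sample inputs are constructed for illustration; this sketch also assumes a strict reading in which relative URLs are rejected because they carry no scheme.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;

public class RedirectCheckDemo {
    // Local stand-in with the same method shape as the interface documented on this page.
    interface RedirectSanitiser { String makeSafeRedirectUrl(String redirectUrl); }

    // Hypothetical implementation of the documented contract (an assumption, not JIRA's class).
    static final class SameHostRedirectSanitiser implements RedirectSanitiser {
        private final String allowedHost;

        SameHostRedirectSanitiser(String baseUrl) {
            allowedHost = URI.create(baseUrl).getHost().toLowerCase(Locale.ROOT);
        }

        @Override
        public String makeSafeRedirectUrl(String redirectUrl) {
            if (redirectUrl == null) return null;
            final URI uri;
            try {
                uri = new URI(redirectUrl.trim());
            } catch (URISyntaxException e) {
                return null; // unparsable input (backslashes, spaces, control characters)
            }
            String scheme = uri.getScheme();
            String host = uri.getHost();
            if (scheme == null || host == null) {
                return null; // relative, scheme-relative ("//host") and opaque URIs
            }
            scheme = scheme.toLowerCase(Locale.ROOT);
            if (!scheme.equals("http") && !scheme.equals("https")) {
                return null; // any other scheme
            }
            // getHost() is the host after any userinfo, so "user@other-host" is judged on other-host.
            return host.toLowerCase(Locale.ROOT).equals(allowedHost) ? uri.toString() : null;
        }
    }

    public static void main(String[] args) {
        RedirectSanitiser real = new SameHostRedirectSanitiser("https://jira.example.com/");
        RedirectSanitiser stub = url -> url; // like the stub: returns the parameter it was given
        String[] constructed = { // constructed sample inputs
            "https://jira.example.com/browse/ABC-1", "https://evil.example/login",
            "https://jira.example.com@evil.example/", "//evil.example/x", "javascript:void(0)" };
        for (String url : constructed) {
            System.out.println(url + " -> checked=" + real.makeSafeRedirectUrl(url)
                    + ", stub=" + stub.makeSafeRedirectUrl(url));
        }
    }
}
```

Only the first input survives the checking implementation; the pass-through returns all five, so a unit test wired to a stub of this kind says nothing about whether the production redirect path rejects off-site URLs.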


Copyright © 2002-2012 Atlassian. All Rights Reserved.