/** * Return Http Header Value after suitable validation * * @param headerValue Header Value which should be validated before being set * @return String Header Value sanitized for CRLF attack */ public static String getSafeHeaderValue(String headerValue) throws Exception { headerValue = removeLinearWhiteSpaces(headerValue); if (validateStringforCRLF(headerValue)) { throw new Exception("Header Value invalid characters"); } return headerValue; }
/** * Return Http Header Name after suitable validation * * @param headerName Header Name which should be validated before being set * @return String Header Name sanitized for CRLF attack */ public static String getSafeHeaderName(String headerName) throws Exception { headerName = removeLinearWhiteSpaces(headerName); if (validateStringforCRLF(headerName)) { throw new Exception("Header Name invalid characters"); } return headerName; }
/** * Return Http Header Name after suitable validation * * @param headerName Header Name which should be validated before being set * @return String Header Name sanitized for CRLF attack */ public static String getSafeHeaderName(String headerName) throws Exception { headerName = removeLinearWhiteSpaces(headerName); if (validateStringforCRLF(headerName)) { throw new Exception("Header Name invalid characters"); } return headerName; }
/** * Return Http Header Value after suitable validation * * @param headerValue Header Value which should be validated before being set * @return String Header Value sanitized for CRLF attack */ public static String getSafeHeaderValue(String headerValue) throws Exception { headerValue = removeLinearWhiteSpaces(headerValue); if (validateStringforCRLF(headerValue)) { throw new Exception("Header Value invalid characters"); } return headerValue; }
/** * Return Cookie Http Header Value after suitable validation * * @param headerValue Header Value which should be validated before being set * @return String Header Value sanitized for CRLF attack */ public static String getSafeCookieHeaderValue(String headerValue) throws Exception { headerValue = removeLinearWhiteSpaces(headerValue); if (validateStringforCRLF(headerValue)) { throw new Exception (" Cookie Header Value has invalid characters"); } return headerValue; } }
/** * Return Cookie Http Header Value after suitable validation * * @param headerValue Header Value which should be validated before being set * @return String Header Value sanitized for CRLF attack */ public static String getSafeCookieHeaderValue(String headerValue) throws Exception { headerValue = removeLinearWhiteSpaces(headerValue); if (validateStringforCRLF(headerValue)) { throw new Exception (" Cookie Header Value has invalid characters"); } return headerValue; } }
response.sendError(403, "Forbidden"); } else { response.sendRedirect(InputValidationUtil.removeLinearWhiteSpaces(redirectPath), false);