Package org.apache.tomcat.util.http
Class RequestUtil
- java.lang.Object
- 
- org.apache.tomcat.util.http.RequestUtil
 
- 
 public class RequestUtil extends java.lang.Object
- 
- 
Method SummaryAll Methods Static Methods Concrete Methods Modifier and Type Method Description static booleanisSameOrigin(HttpServletRequest request, java.lang.String origin)static booleanisValidOrigin(java.lang.String origin)Checks if a given origin is valid or not.static java.lang.Stringnormalize(java.lang.String path)Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it.static java.lang.Stringnormalize(java.lang.String path, boolean replaceBackSlash)Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it.
 
- 
- 
- 
Method Detail- 
normalizepublic static java.lang.String normalize(java.lang.String path) Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.- Parameters:
- path- Relative path to be normalized
- Returns:
- The normalized path or nullif the path cannot be normalized
 
 - 
normalizepublic static java.lang.String normalize(java.lang.String path, boolean replaceBackSlash)Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.- Parameters:
- path- Relative path to be normalized
- replaceBackSlash- Should '\\' be replaced with '/'
- Returns:
- The normalized path or nullif the path cannot be normalized
 
 - 
isSameOriginpublic static boolean isSameOrigin(HttpServletRequest request, java.lang.String origin) 
 - 
isValidOriginpublic static boolean isValidOrigin(java.lang.String origin) Checks if a given origin is valid or not. Criteria:- If an encoded character is present in origin, it's not valid.
- If origin is "null", it's valid.
- Origin should be a valid URI
 - Parameters:
- origin- The origin URI
- Returns:
- trueif the origin was valid
- See Also:
- RFC952
 
 
- 
 
-