Package org.owasp.esapi.waf.internal
Class InterceptingHTTPServletResponse
- java.lang.Object
-
- javax.servlet.ServletResponseWrapper
-
- javax.servlet.http.HttpServletResponseWrapper
-
- org.owasp.esapi.waf.internal.InterceptingHTTPServletResponse
-
- All Implemented Interfaces:
javax.servlet.http.HttpServletResponse
,javax.servlet.ServletResponse
public class InterceptingHTTPServletResponse extends javax.servlet.http.HttpServletResponseWrapper
The wrapper for the HttpServletResponse object which will be passed to the application being protected by the WAF. It contains logic for the response building API in order to allow the WAF rules regarding responses to work. Much of the work is delegated to other classes, especially InterceptingServletOutputStream- Author:
- Arshan Dabirsiaghi
-
-
Field Summary
-
Fields inherited from interface javax.servlet.http.HttpServletResponse
SC_ACCEPTED, SC_BAD_GATEWAY, SC_BAD_REQUEST, SC_CONFLICT, SC_CONTINUE, SC_CREATED, SC_EXPECTATION_FAILED, SC_FORBIDDEN, SC_FOUND, SC_GATEWAY_TIMEOUT, SC_GONE, SC_HTTP_VERSION_NOT_SUPPORTED, SC_INTERNAL_SERVER_ERROR, SC_LENGTH_REQUIRED, SC_METHOD_NOT_ALLOWED, SC_MOVED_PERMANENTLY, SC_MOVED_TEMPORARILY, SC_MULTIPLE_CHOICES, SC_NO_CONTENT, SC_NON_AUTHORITATIVE_INFORMATION, SC_NOT_ACCEPTABLE, SC_NOT_FOUND, SC_NOT_IMPLEMENTED, SC_NOT_MODIFIED, SC_OK, SC_PARTIAL_CONTENT, SC_PAYMENT_REQUIRED, SC_PRECONDITION_FAILED, SC_PROXY_AUTHENTICATION_REQUIRED, SC_REQUEST_ENTITY_TOO_LARGE, SC_REQUEST_TIMEOUT, SC_REQUEST_URI_TOO_LONG, SC_REQUESTED_RANGE_NOT_SATISFIABLE, SC_RESET_CONTENT, SC_SEE_OTHER, SC_SERVICE_UNAVAILABLE, SC_SWITCHING_PROTOCOLS, SC_TEMPORARY_REDIRECT, SC_UNAUTHORIZED, SC_UNSUPPORTED_MEDIA_TYPE, SC_USE_PROXY
-
-
Constructor Summary
Constructors Constructor Description InterceptingHTTPServletResponse(javax.servlet.http.HttpServletResponse response, boolean buffering, java.util.List<Rule> cookieRules)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addCookie(javax.servlet.http.Cookie cookie)
void
addCookie(javax.servlet.http.Cookie cookie, boolean isSession)
void
commit()
void
flush()
java.lang.String
getContentType()
InterceptingServletOutputStream
getInterceptingServletOutputStream()
javax.servlet.ServletOutputStream
getOutputStream()
java.io.PrintWriter
getWriter()
boolean
isUsingWriter()
void
setContentType(java.lang.String s)
-
Methods inherited from class javax.servlet.http.HttpServletResponseWrapper
addDateHeader, addHeader, addIntHeader, containsHeader, encodeRedirectUrl, encodeRedirectURL, encodeUrl, encodeURL, getHeader, getHeaderNames, getHeaders, getStatus, getTrailerFields, sendError, sendError, sendRedirect, setDateHeader, setHeader, setIntHeader, setStatus, setStatus, setTrailerFields
-
Methods inherited from class javax.servlet.ServletResponseWrapper
flushBuffer, getBufferSize, getCharacterEncoding, getLocale, getResponse, isCommitted, isWrapperFor, isWrapperFor, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentLengthLong, setLocale, setResponse
-
-
-
-
Constructor Detail
-
InterceptingHTTPServletResponse
public InterceptingHTTPServletResponse(javax.servlet.http.HttpServletResponse response, boolean buffering, java.util.List<Rule> cookieRules) throws java.io.IOException
- Throws:
java.io.IOException
-
-
Method Detail
-
isUsingWriter
public boolean isUsingWriter()
-
getInterceptingServletOutputStream
public InterceptingServletOutputStream getInterceptingServletOutputStream()
-
getOutputStream
public javax.servlet.ServletOutputStream getOutputStream() throws java.lang.IllegalStateException, java.io.IOException
- Specified by:
getOutputStream
in interfacejavax.servlet.ServletResponse
- Overrides:
getOutputStream
in classjavax.servlet.ServletResponseWrapper
- Throws:
java.lang.IllegalStateException
java.io.IOException
-
getWriter
public java.io.PrintWriter getWriter() throws java.io.IOException
- Specified by:
getWriter
in interfacejavax.servlet.ServletResponse
- Overrides:
getWriter
in classjavax.servlet.ServletResponseWrapper
- Throws:
java.io.IOException
-
getContentType
public java.lang.String getContentType()
- Specified by:
getContentType
in interfacejavax.servlet.ServletResponse
- Overrides:
getContentType
in classjavax.servlet.ServletResponseWrapper
-
setContentType
public void setContentType(java.lang.String s)
- Specified by:
setContentType
in interfacejavax.servlet.ServletResponse
- Overrides:
setContentType
in classjavax.servlet.ServletResponseWrapper
-
flush
public void flush()
-
commit
public void commit() throws java.io.IOException
- Throws:
java.io.IOException
-
addCookie
public void addCookie(javax.servlet.http.Cookie cookie)
- Specified by:
addCookie
in interfacejavax.servlet.http.HttpServletResponse
- Overrides:
addCookie
in classjavax.servlet.http.HttpServletResponseWrapper
-
addCookie
public void addCookie(javax.servlet.http.Cookie cookie, boolean isSession)
-
-