hudson.markup
Class EbayPolicy

java.lang.Object
  extended by hudson.markup.EbayPolicy

public class EbayPolicy
extends Object

Based on the AntiSamy eBay example.

eBay (http://www.ebay.com/) is the most popular online auction site in the universe, as far as I can tell. It is a public site, so anyone is allowed to post listings with rich HTML content. It's not surprising that, given the attractiveness of eBay as a target, it has been subject to a few complex XSS attacks. Listings are allowed to contain much more rich content than, say, Slashdot, so its attack surface is considerably larger. The following tags appear to be accepted by eBay (they don't publish rules): <a>,...


Field Summary
static org.owasp.html.PolicyFactory POLICY_DEFINITION
           
 
Constructor Summary
EbayPolicy()
           
 
Method Summary
static void main(String[] args)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

POLICY_DEFINITION

public static final org.owasp.html.PolicyFactory POLICY_DEFINITION

Constructor Detail

EbayPolicy

public EbayPolicy()

Method Detail

main

public static void main(String[] args)
                 throws IOException
Throws:
IOException


Copyright © 2004-2013. All Rights Reserved.