File Source: securitytokentag.java
/*
P/P * Method: net.sourceforge.pebble.web.tagext.SecurityTokenTag__static_init
*/
1 /*
2 * Copyright (c) 2003-2005, Simon Brown
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 *
8 * - Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 *
11 * - Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
14 * distribution.
15 *
16 * - Neither the name of Pebble nor the names of its contributors may
17 * be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
24 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 */
32 package net.sourceforge.pebble.web.tagext;
33
34 import net.sourceforge.pebble.web.security.SecurityTokenValidator;
35
/*
P/P * Method: void net.sourceforge.pebble.web.tagext.SecurityTokenTag()
*/
36 import javax.servlet.jsp.JspException;
37 import javax.servlet.jsp.JspWriter;
38 import javax.servlet.jsp.tagext.TagSupport;
39 import java.io.IOException;
40
41 /**
42 * Tag that writes the security token as a hidden input parameter to the request
43 * @author James Roper
44 */
45 public class SecurityTokenTag extends TagSupport {
46
47 /** true if we're rendering for a query */
48 private boolean query;
49
50 @Override
/*
P/P * Method: int doStartTag()
*
* Preconditions:
* this.pageContext != null
* (soft) init'ed(this.query)
*
* Presumptions:
* java.io.Writer:append(...)@57 != null
* java.io.Writer:append(...)@60 != null
* javax.servlet.jsp.JspWriter:append(...)@57 != null
* javax.servlet.jsp.JspWriter:append(...)@59 != null
* javax.servlet.jsp.JspWriter:append(...)@60 != null
* ...
*
* Postconditions:
* return_value == 0
*
* Test Vectors:
* this.query: {0}, {1}
* javax.servlet.ServletRequest:getAttribute(...)@53: Addr_Set{null}, Inverse{null}
*/
51 public int doStartTag() throws JspException {
52 JspWriter out = pageContext.getOut();
53 String token = (String) pageContext.getRequest().getAttribute(SecurityTokenValidator.PEBBLE_SECURITY_TOKEN_PARAMETER);
54 if (token != null) {
55 try {
56 if (query) {
57 out.append(SecurityTokenValidator.PEBBLE_SECURITY_TOKEN_PARAMETER).append("=").append(token);
58 } else {
59 out.append("<input type=\"hidden\" name=\"").append(SecurityTokenValidator.PEBBLE_SECURITY_TOKEN_PARAMETER);
60 out.append("\" value=\"").append(token).append("\"/>");
61 }
62 } catch (IOException ioe) {
63 throw new JspException(ioe);
64 }
65 }
66 return SKIP_BODY;
67 }
68
/*
P/P * Method: void setQuery(bool)
*
* Postconditions:
* this.query == query
* init'ed(this.query)
*/
69 public void setQuery(boolean query) {
70 this.query = query;
71 }
72 }
SofCheck Inspector Build Version : 2.22510
| securitytokentag.java |
2010-Jun-25 19:40:32 |
| securitytokentag.class |
2010-Jul-19 20:23:38 |