Summary Table
Categories |
Total Count |
PII |
0 |
URL |
0 |
DNS |
0 |
EKL |
0 |
IP |
0 |
PORT |
0 |
VsID |
0 |
CF |
0 |
AI |
0 |
VPD |
0 |
PL |
0 |
Other |
0 |
File Content
/*
* XssFilter.java
* Copyright (c) 2018 Veterans Affairs.
*/
package gov.va.security.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
/**
* Description: This filter is used to mitigate any cross site vulnerability
* passed in.
*
* @author AbleVets
*/
@Component
@Order(1)
public class XssFilter implements Filter
{
private static final Logger logger = LoggerFactory.getLogger(XssFilter.class);
/**
* {@inheritDoc}
*/
@Override
public void init(final FilterConfig filterConfig) throws ServletException
{
logger.info("Initializing XSS filter :{}", this);
}
/**
* {@inheritDoc}
*/
@Override
public void doFilter(final ServletRequest request, final ServletResponse response,
final FilterChain chain) throws IOException, ServletException
{
HttpServletRequest req = (HttpServletRequest) request;
logger.info("Starting XSS Analysis for req");
chain.doFilter(new XssRequestWrapper(req),
new XssSecurityWrapperResponse((HttpServletResponse) response));
}
/**
* {@inheritDoc}
*/
@Override
public void destroy()
{
logger.warn("Destructing XSS filter :{}", this);
}
}