UtilHtmlSanitizer.java example

Explorer
data-access-master
- core
  - src
/*!
* This program is free software; you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License, version 2.1 as published by the Free Software
* Foundation.
*
* You should have received a copy of the GNU Lesser General Public License along with this
* program; if not, you can obtain a copy at http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
* or from the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
* without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU Lesser General Public License for more details.
*
* Copyright (c) 2002-2017 Pentaho Corporation..  All rights reserved.
*/

package org.pentaho.platform.dataaccess.datasource.wizard.service.impl.utils;

import org.apache.commons.lang.StringEscapeUtils;
import org.pentaho.database.model.IDatabaseConnection;

/**
 * Created by Yury_Bakhmutski on 8/11/2016.
 */
public class UtilHtmlSanitizer {

  public void sanitizeConnectionParameters( IDatabaseConnection connection ) {
    String safeName = safeEscapeHtml( connection.getName() );
    connection.setName( safeName );

    String safeDbName = safeEscapeHtml( connection.getDatabaseName() );
    connection.setDatabaseName( safeDbName );

    String safeDbPort = safeEscapeHtml( connection.getDatabasePort() );
    connection.setDatabasePort( safeDbPort );

    String safeHostname = safeEscapeHtml( connection.getHostname() );
    connection.setHostname( safeHostname );

    String safePassword = safeEscapeHtml( connection.getPassword() );
    connection.setPassword( safePassword );

    String safeUsername = safeEscapeHtml( connection.getUsername() );
    connection.setUsername( safeUsername );
  }

  public void unsanitizeConnectionParameters( IDatabaseConnection connection ) {
    String safeName = StringEscapeUtils.unescapeHtml( connection.getName() );
    connection.setName( safeName );

    String safeDbName = StringEscapeUtils.unescapeHtml( connection.getDatabaseName() );
    connection.setDatabaseName( safeDbName );

    String safeDbPort = StringEscapeUtils.unescapeHtml( connection.getDatabasePort() );
    connection.setDatabasePort( safeDbPort );

    String safeHostname = StringEscapeUtils.unescapeHtml( connection.getHostname() );
    connection.setHostname( safeHostname );

    String safePassword = StringEscapeUtils.unescapeHtml( connection.getPassword() );
    connection.setPassword( safePassword );

    String safeUsername = StringEscapeUtils.unescapeHtml( connection.getUsername() );
    connection.setUsername( safeUsername );
  }

  public String safeEscapeHtml( String html ) {
    return StringEscapeUtils.escapeHtml( StringEscapeUtils.unescapeHtml( html ) );
  }

}