EncodeUtils (labkey-client-api 6.3.0 API)

java.lang.Object

org.labkey.remoteapi.internal.EncodeUtils

public class EncodeUtils extends Object

Field Summary

Fields

Modifier and Type

Field

Description

static final String

WAF_PREFIX
Constructor Summary

Constructors

Constructor

Description

EncodeUtils()
Method Summary

Modifier and Type

Method

Description

static String

encodeURIComponent(String s)

URL Encode string.

static String

wafEncode(String plain)

Obfuscates content that's often intercepted by web application firewalls that are scanning for likely SQL or script injection.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- WAF_PREFIX
  
  public static final String WAF_PREFIX
  See Also:
  
  Constant Field Values
Constructor Details
- EncodeUtils
  
  public EncodeUtils()
Method Details
- wafEncode
  
  public static String wafEncode(String plain)
  
  Obfuscates content that's often intercepted by web application firewalls that are scanning for likely SQL or script injection. We have a handful of endpoints that intentionally accept SQL or script, so we encode the text to avoid tripping alarms. It's a simple BASE64 encoding that obscures the content, and lets the WAF scan for and reject malicious content on all other parameters. See issue 48509 and PageFlowUtil.wafEncode()/wafDecode().
- encodeURIComponent
  
  public static String encodeURIComponent(String s)
  
  URL Encode string. NOTE! this should be used on parts of a url, not an entire url Like JavaScript encodeURIComponent()