Class EncodingFilteredBodyTag
- java.lang.Object
-
- javax.servlet.jsp.tagext.TagSupport
-
- javax.servlet.jsp.tagext.BodyTagSupport
-
- com.aoindustries.encoding.taglib.legacy.EncodingFilteredBodyTag
-
- All Implemented Interfaces:
Serializable,BodyTag,IterationTag,JspTag,Tag,TryCatchFinally
- Direct Known Subclasses:
EncodingTag,JavaScriptTag,JsonTag,LdJsonTag,MysqlTag,PsqlTag,ShTag,TextTag,UrlTag,XhtmlAttributeTag,XhtmlTag
public abstract class EncodingFilteredBodyTag extends BodyTagSupport implements TryCatchFinally
An implementation of
BodyTagSupportthat automatically validates its content and automatically encodes its output correctly given its context. It also validates its own output when used in a non-validating context. For higher performance, it filters the output from its body instead of buffering.The content validation is primarily focused on making sure the contained data is properly encoded. This is to avoid data corruption or intermingling of data and code. It does not go through great lengths such as ensuring that XHTML Strict is valid or JavaScript will run correctly.
In additional to checking that its contents are well behaved, it also is well behaved for its container by properly encoding its output for its context. To determine its context, it uses the content type of the currently registered
RequestEncodingContextto perform proper encoding. If it fails to find any such context, it uses the content type of theHttpServletResponse.Finally, if no existing
RequestEncodingContextis found, this will validate its own output against the content type of theHttpServletResponseto make sure it is well-behaved.- Author:
- AO Industries, Inc.
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static intEVAL_BODY_FILTEREDReturn value fordoStartTag(java.io.Writer).-
Fields inherited from class javax.servlet.jsp.tagext.BodyTagSupport
bodyContent
-
Fields inherited from class javax.servlet.jsp.tagext.TagSupport
id, pageContext
-
Fields inherited from interface javax.servlet.jsp.tagext.BodyTag
EVAL_BODY_BUFFERED, EVAL_BODY_TAG
-
Fields inherited from interface javax.servlet.jsp.tagext.IterationTag
EVAL_BODY_AGAIN
-
Fields inherited from interface javax.servlet.jsp.tagext.Tag
EVAL_BODY_INCLUDE, EVAL_PAGE, SKIP_BODY, SKIP_PAGE
-
-
Constructor Summary
Constructors Constructor Description EncodingFilteredBodyTag()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Deprecated Methods Modifier and Type Method Description intdoAfterBody()Deprecated.You should probably be implementing indoAfterBody(java.io.Writer)protected intdoAfterBody(Writer out)While the outJspWriteris still replaced to output the proper content type, this version ofdoAfterBody()is called.voiddoCatch(Throwable t)intdoEndTag()Deprecated.You should probably be implementing indoEndTag(java.io.Writer)protected intdoEndTag(Writer out)While the outJspWriteris still replaced to output the proper content type, this version ofdoEndTag()is called.voiddoFinally()voiddoInitBody()The only way to replace the "out" variable in the generated JSP is to useBodyTag.EVAL_BODY_BUFFERED.intdoStartTag()Deprecated.You should probably be implementing indoStartTag(java.io.Writer)protected intdoStartTag(Writer out)Once the outJspWriterhas been replaced to output the proper content type, this version ofdoStartTag()is called.abstract MediaTypegetContentType()Gets the type of data that is contained by this tag.protected voidsetMediaEncoderOptions(MediaEncoder mediaEncoder)Sets the media encoder options.protected voidwriteEncoderPrefix(MediaEncoder mediaEncoder, JspWriter out)protected voidwriteEncoderSuffix(MediaEncoder mediaEncoder, JspWriter out)protected voidwritePrefix(MediaType containerType, Writer out)Writes any prefix in the container's media type.protected voidwriteSuffix(MediaType containerType, Writer out)Writes any suffix in the container's media type.-
Methods inherited from class javax.servlet.jsp.tagext.BodyTagSupport
getBodyContent, getPreviousOut, release, setBodyContent
-
Methods inherited from class javax.servlet.jsp.tagext.TagSupport
findAncestorWithClass, getId, getParent, getValue, getValues, removeValue, setId, setPageContext, setParent, setValue
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface javax.servlet.jsp.tagext.Tag
getParent, setPageContext, setParent
-
-
-
-
Field Detail
-
EVAL_BODY_FILTERED
public static final int EVAL_BODY_FILTERED
Return value fordoStartTag(java.io.Writer). It will be converted to eitherTag.EVAL_BODY_INCLUDEorBodyTag.EVAL_BODY_BUFFERED, as appropriate to the given filtering and validation.- See Also:
- Constant Field Values
-
-
Method Detail
-
getContentType
public abstract MediaType getContentType()
Gets the type of data that is contained by this tag. This is also the output type.
-
doStartTag
@Deprecated public int doStartTag() throws JspException
Deprecated.You should probably be implementing indoStartTag(java.io.Writer)- Specified by:
doStartTagin interfaceTag- Overrides:
doStartTagin classBodyTagSupport- Throws:
JspException- See Also:
doStartTag(java.io.Writer)
-
doStartTag
protected int doStartTag(Writer out) throws JspException, IOException
Once the outJspWriterhas been replaced to output the proper content type, this version ofdoStartTag()is called.- Parameters:
out- the output. If passed-through, this will be aJspWriter- Returns:
- Must return either
EVAL_BODY_FILTERED(the default) orTag.SKIP_BODY - Throws:
JspExceptionIOException
-
doInitBody
public void doInitBody() throws JspExceptionThe only way to replace the "out" variable in the generated JSP is to use
BodyTag.EVAL_BODY_BUFFERED. Without this, any writer given toJspContext.pushBody(java.io.Writer)is not used. We don't actually want to buffer the content, but only want to filter and validate the data on-the-fly.To workaround this issue, this very hackily replaces the writer field directly on the
BodyContentImpl. When unable to replace the field, falls back to using the standard buffering (much less desirable).This is similar to the direct field access performed by
BodyContentImplCoercionOptimizerInitializer.- Specified by:
doInitBodyin interfaceBodyTag- Overrides:
doInitBodyin classBodyTagSupport- Throws:
JspException
-
doAfterBody
@Deprecated public int doAfterBody() throws JspException
Deprecated.You should probably be implementing indoAfterBody(java.io.Writer)- Specified by:
doAfterBodyin interfaceIterationTag- Overrides:
doAfterBodyin classBodyTagSupport- Throws:
JspException- See Also:
doAfterBody(java.io.Writer)
-
doAfterBody
protected int doAfterBody(Writer out) throws JspException, IOException
While the outJspWriteris still replaced to output the proper content type, this version ofdoAfterBody()is called.- Parameters:
out- the output. If passed-through, this will be aJspWriter- Returns:
- Must return either
Tag.SKIP_BODY(the default) orIterationTag.EVAL_BODY_AGAIN - Throws:
JspExceptionIOException
-
doEndTag
@Deprecated public int doEndTag() throws JspException
Deprecated.You should probably be implementing indoEndTag(java.io.Writer)- Specified by:
doEndTagin interfaceTag- Overrides:
doEndTagin classBodyTagSupport- Throws:
JspException- See Also:
doEndTag(java.io.Writer)
-
doEndTag
protected int doEndTag(Writer out) throws JspException, IOException
While the outJspWriteris still replaced to output the proper content type, this version ofdoEndTag()is called.- Parameters:
out- the output. If passed-through, this will be aJspWriter- Returns:
- Must return either
Tag.EVAL_PAGE(the default) orTag.SKIP_PAGE - Throws:
JspExceptionIOException
-
doCatch
public void doCatch(Throwable t) throws Throwable
- Specified by:
doCatchin interfaceTryCatchFinally- Throws:
Throwable
-
doFinally
public void doFinally()
- Specified by:
doFinallyin interfaceTryCatchFinally
-
writePrefix
protected void writePrefix(MediaType containerType, Writer out) throws JspException, IOException
Writes any prefix in the container's media type. The output must be valid for the provided type.
This default implementation prints nothing.
- Throws:
JspExceptionIOException
-
setMediaEncoderOptions
protected void setMediaEncoderOptions(MediaEncoder mediaEncoder)
Sets the media encoder options. This is how subclass tag attributes can effect the encoding.
-
writeEncoderPrefix
protected void writeEncoderPrefix(MediaEncoder mediaEncoder, JspWriter out) throws JspException, IOException
- Throws:
JspExceptionIOException
-
writeEncoderSuffix
protected void writeEncoderSuffix(MediaEncoder mediaEncoder, JspWriter out) throws JspException, IOException
- Throws:
JspExceptionIOException
-
writeSuffix
protected void writeSuffix(MediaType containerType, Writer out) throws JspException, IOException
Writes any suffix in the container's media type. The output must be valid for the provided type.
This default implementation prints nothing.
- Throws:
JspExceptionIOException
-
-