Highlighted

Policy parameter in com.adobe.granite.xss.XSSFilterImpl check method

umashankar_d

29-10-2017

Hello Members,

I am basically trying to check for XSS policy violations by scanning a particular request parameter passed to the "check" method [with definition: check(ProtectionContext var1, String var2, String var3)] in the com.adobe.granite.xss.XSSFilterImpl implementation, and trying to check that parameter against a particular regex pattern. By looking deeper into the XSSFilterImpl check method definition, I found that the third parameter  of the "check" method is regarding a policy - the name/path of the policy to use. Can anyone please provide me more information regarding the policy, and the way by which I can pass my custom policy to check for XSS policy violations?

Thanks,

Umashankar

Replies

Highlighted

umashankar_d

30-10-2017

Exactly, Mac. Even I tried to look into the API documentation and all other descriptive texts, but couldn't find any information about this. I even tried to pass the regex pattern as the policy parameter to the "check" method, but that didn't seem to work.