aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2017-11-27 12:09:21 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2017-11-27 12:09:21 +0100
commit7691f527e900463f01f4cdbf758da40ccff3c713 (patch)
tree16dd8fc7defbc197e69b8763660804b8bb471a85 /id
parent1b5e11112af6bbe48bfb5c95c8b75ae90f3edb22 (diff)
downloadmoa-id-spss-7691f527e900463f01f4cdbf758da40ccff3c713.tar.gz
moa-id-spss-7691f527e900463f01f4cdbf758da40ccff3c713.tar.bz2
moa-id-spss-7691f527e900463f01f4cdbf758da40ccff3c713.zip
refactoring: rename method
Diffstat (limited to 'id')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java12
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java12
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java12
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java22
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java46
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java12
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java8
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java4
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java2
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java8
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java36
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java24
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java8
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java4
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java20
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java4
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java8
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java13
21 files changed, 133 insertions, 134 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
index 5ee2ee6a7..b3f7c1f79 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/FormularCustomization.java
@@ -352,10 +352,10 @@ public class FormularCustomization implements IOnlineApplicationData {
//validate aditionalAuthBlockText
check = getAditionalAuthBlockText();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
index b2cd18c26..bac69cf34 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OABPKEncryption.java
@@ -203,10 +203,10 @@ public class OABPKEncryption implements IOnlineApplicationData {
errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.empty", request));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("bPK decryption keystore password contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyStorePassword.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
@@ -217,20 +217,20 @@ public class OABPKEncryption implements IOnlineApplicationData {
errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.empty", request));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("bPK decryption key alias contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyAlias.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
check = getKeyPassword();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("bPK decryption key password contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.bPKDec.keyPassword.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index 4cb7eba2d..c51513193 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -117,10 +117,10 @@ public class OAGeneralConfig implements IOnlineApplicationData{
//check OA FriendlyName
check = getFriendlyName();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("OAFriendlyName contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
} else {
log.info("OA friendlyName is empty");
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index 4fecd89c1..df1786402 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -159,10 +159,10 @@ public class IndexAction extends BasicAction {
String key = null;
if (MiscUtil.isNotEmpty(username)) {
- if (ValidationHelper.containsPotentialCSSCharacter(username, false)) {
+ if (ValidationHelper.containsNotValidCharacter(username, false)) {
log.warn("Username contains potentail XSS characters: " + username);
addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
return Constants.STRUTS_ERROR;
}
} else {
@@ -614,10 +614,10 @@ public class IndexAction extends BasicAction {
if (!sessionform.isIsmandateuser()) {
check = user.getInstitut();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("Organisation contains potentail XSS characters: " + check);
addActionError(LanguageHelper.getErrorString("validation.edituser.institut.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
} else {
log.warn("Organisation is empty");
@@ -630,7 +630,7 @@ public class IndexAction extends BasicAction {
if (!ValidationHelper.isEmailAddressFormat(check)) {
log.warn("Mailaddress is not valid: " + check);
addActionError(LanguageHelper.getErrorString("validation.edituser.mail.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
} else {
log.warn("Mailaddress is empty");
@@ -642,7 +642,7 @@ public class IndexAction extends BasicAction {
if (!ValidationHelper.validatePhoneNumber(check)) {
log.warn("No valid Phone Number: " + check);
addActionError(LanguageHelper.getErrorString("validation.edituser.phone.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
} else {
log.warn("Phonenumber is empty");
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
index c6b0965fe..ca018d5b0 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ListOAsAction.java
@@ -132,10 +132,10 @@ public class ListOAsAction extends BasicAction {
return Constants.STRUTS_SUCCESS;
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(friendlyname, false)) {
+ if (ValidationHelper.containsNotValidCharacter(friendlyname, false)) {
log.warn("SearchOA textfield contains potential XSS characters");
addActionError(LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request));
return Constants.STRUTS_SUCCESS;
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
index c9a174813..4ef4bc762 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java
@@ -94,10 +94,10 @@ public class FormularCustomizationValitator {
check = form.getHeader_text();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("HeaderText contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.form.header.text",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
@@ -144,10 +144,10 @@ public class FormularCustomizationValitator {
check = form.getFontType();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ if (ValidationHelper.containsNotValidCharacter(check, true)) {
log.warn("FontType contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
}
}
@@ -156,7 +156,7 @@ public class FormularCustomizationValitator {
if (!ValidationHelper.validateNumber(check)) {
log.warn("Applet height "+ check + " is no valid number");
errors.add(LanguageHelper.getErrorString("validation.general.form.applet.height",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
}
}
@@ -165,7 +165,7 @@ public class FormularCustomizationValitator {
if (!ValidationHelper.validateNumber(check)) {
log.warn("Applet width "+ check + " is no valid number");
errors.add(LanguageHelper.getErrorString("validation.general.form.applet.width",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
index 44afd0599..f0594c38d 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
@@ -62,10 +62,10 @@ public class UserDatabaseFormValidator {
if (!isPVP2Generated) {
check = form.getGivenName();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("GivenName contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
} else {
log.warn("GivenName is empty");
@@ -75,10 +75,10 @@ public class UserDatabaseFormValidator {
check = form.getFamilyName();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("FamilyName contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
} else {
log.warn("FamilyName is empty");
@@ -89,10 +89,10 @@ public class UserDatabaseFormValidator {
if (!isMandateUser) {
check = form.getInstitut();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("Organisation contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
} else {
log.warn("Organisation is empty");
@@ -105,7 +105,7 @@ public class UserDatabaseFormValidator {
if (!ValidationHelper.isEmailAddressFormat(check)) {
log.warn("Mailaddress is not valid: " + check);
errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
} else {
log.warn("Mailaddress is empty");
@@ -114,10 +114,10 @@ public class UserDatabaseFormValidator {
check = form.getPhone();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("Phonenumber contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
} else {
log.warn("Phonenumber is empty");
@@ -127,10 +127,10 @@ public class UserDatabaseFormValidator {
if (form.isIsusernamepasswordallowed()) {
check = form.getUsername();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("Username contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
} else {
UserDatabase dbuser = newConfigRead.getUserWithUserName(check);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
index 70c43d9b4..717a0c827 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java
@@ -55,10 +55,10 @@ public class MOAConfigValidator {
String check = form.getSaml1SourceID();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("SAML1 SourceID contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
@@ -217,10 +217,10 @@ public class MOAConfigValidator {
log.info("Empty MOA-SP/SS Authblock TrustProfile");
errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("Authblock TrustProfile is not valid: " +check);
errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
@@ -229,10 +229,10 @@ public class MOAConfigValidator {
log.info("Empty MOA-SP/SS IdentityLink TrustProfile");
errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("IdentityLink TrustProfile is not valid: " +check);
errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
@@ -241,10 +241,10 @@ public class MOAConfigValidator {
log.info("Empty MOA-SP/SS Test-Authblock TrustProfile");
errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("Test-Authblock TrustProfile is not valid: " +check);
errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
@@ -253,10 +253,10 @@ public class MOAConfigValidator {
log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile");
errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("Test-IdentityLink TrustProfile is not valid: " +check);
errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
@@ -271,28 +271,28 @@ public class MOAConfigValidator {
check = form.getPvp2IssuerName();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("PVP2 IssuerName is not valid: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
check = form.getPvp2OrgDisplayName();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("PVP2 organisation display name is not valid: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
check = form.getPvp2OrgName();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("PVP2 organisation name is not valid: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
@@ -347,10 +347,10 @@ public class MOAConfigValidator {
check = form.getSsoFriendlyName();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("SSO friendlyname is not valid: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
@@ -373,10 +373,10 @@ public class MOAConfigValidator {
check = form.getSsoSpecialText();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ if (ValidationHelper.containsNotValidCharacter(check, true)) {
log.info("SSO SpecialText is not valid: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} , request));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)} , request));
}
}
@@ -388,10 +388,10 @@ public class MOAConfigValidator {
} else {
if (!ValidationHelper.isValidAdminTarget(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("IdentificationNumber contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
String num = check.replaceAll(" ", "");
@@ -440,7 +440,7 @@ public class MOAConfigValidator {
String filename = form.getFileUploadFileName().get(i);
if (MiscUtil.isNotEmpty(filename)) {
- if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) {
+ if (ValidationHelper.containsNotValidCharacter(filename, false)) {
log.info("SL Transformation Filename is not valid");
errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid", request));
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
index e4a091c7e..f7edbee71 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java
@@ -52,28 +52,28 @@ public class PVP2ContactValidator {
String check = contact.getCompany();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("PVP2 Contact: Company is not valid: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
check = contact.getGivenname();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("PVP2 Contact: GivenName is not valid: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
check = contact.getSurname();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("PVP2 Contact: SureName is not valid: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
index fbd2f3bb3..41fce8e60 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java
@@ -38,10 +38,10 @@ public class StorkConfigValidator {
// check country code
String check = current.getCountryCode();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("CPEPS config countrycode contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
if(!check.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) {
log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check);
@@ -95,10 +95,10 @@ public class StorkConfigValidator {
for(StorkAttribute check : form.getAttributes()) {
if (check != null && MiscUtil.isNotEmpty(check.getName())) {
String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
- if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) {
+ if (ValidationHelper.containsNotValidCharacter(tmp, true)) {
log.warn("default attributes contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
}
if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) {
log.warn("default attributes do not match the requested format : " + check);
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
index 7e6396b75..a758088b1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
@@ -140,10 +140,10 @@ public class OAAuthenticationDataValidation {
errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request));
}
- if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ if (ValidationHelper.containsNotValidCharacter(check, true)) {
log.warn("MandateProfiles contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)}, request ));
}
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
index d2dac3b28..2011a07f1 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java
@@ -66,7 +66,7 @@ public class OAFileUploadValidation {
String filename = fileName.get(i);
if (MiscUtil.isNotEmpty(filename)) {
- if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) {
+ if (ValidationHelper.containsNotValidCharacter(filename, false)) {
log.info("Filename is not valid");
errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".filename.valid", request));
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
index 0062beb96..ca0231577 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
@@ -64,10 +64,10 @@ public class OATargetConfigValidation {
errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("IdentificationNumber contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) {
@@ -129,10 +129,10 @@ public class OATargetConfigValidation {
//check targetFrindlyName();
check = form.getTargetFriendlyName();
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}, request ));
}
}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
index e229b6ef4..c9ad63121 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
@@ -106,13 +106,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
String check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID, getKeyPrefix()));
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("SAML1 SourceID contains potentail XSS characters: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID,
"SAML1 - SourceID",
LanguageHelper.getErrorString("validation.general.SAML1SourceID",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
}
@@ -293,13 +293,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
"MOA-SP - AuthBlocktransformation",
LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty")));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("IdentityLinkSigners is not valid: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM,
"MOA-SP - AuthBlocktransformationx",
LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)} )));
}
}
@@ -312,13 +312,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
"MOA-SP - TrustProfile AuthBlock",
LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty")));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("Authblock TrustProfile is not valid: " +check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD,
"MOA-SP - TrustProfile AuthBlock",
LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}) ));
}
}
@@ -330,13 +330,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
"MOA-SP - TrustProfile IdL",
LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty")));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("IdentityLink TrustProfile is not valid: " +check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD,
"MOA-SP - TrustProfile IdL",
LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}) ));
}
}
@@ -348,13 +348,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
"MOA-SP - Test-TrustProfile AuthBlock",
LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty")));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("Authblock Test-TrustProfile is not valid: " +check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD,
"MOA-SP - Test-TrustProfile AuthBlock",
LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}) ));
}
}
@@ -366,13 +366,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
"MOA-SP - Test-TrustProfile IdL",
LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty")));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("IdentityLink Test-TrustProfile is not valid: " +check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD,
"MOA-SP - Test-TrustProfile IdL",
LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}) ));
}
}
@@ -430,25 +430,25 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME, getKeyPrefix()));
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.info("SSO friendlyname is not valid: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME,
"SSO - Servicename",
LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}) ));
}
}
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT, getKeyPrefix()));
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ if (ValidationHelper.containsNotValidCharacter(check, true)) {
log.info("SSO SpecialText is not valid: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT,
"SSO - AuthBlocktext",
LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)} )));
}
}
@@ -465,13 +465,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
//TODO: maybe store full bPK target (incl. prefix)
if (!ValidationHelper.isValidAdminTarget(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("IdentificationNumber contains potentail XSS characters: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET,
"SSO - Target",
LanguageHelper.getErrorString("validation.general.sso.target.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}) ));
}
String num = check.replaceAll(" ", "");
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java
index a593b5461..cdd2a7ce2 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java
@@ -90,35 +90,35 @@ public class GeneralPVP2XConfigurationTask extends AbstractTaskValidator impleme
String check =
input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
logger.info("PVP2 IssuerName is not valid: " + check);
errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME,
"Service Name",
LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
}
check =
input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
logger.info("PVP2 organisation display name is not valid: " + check);
errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME,
"Organisation - Full name",
LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
}
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
logger.info("PVP2 organisation name is not valid: " + check);
errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME,
"Organisation - Short name",
LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
}
@@ -135,34 +135,34 @@ public class GeneralPVP2XConfigurationTask extends AbstractTaskValidator impleme
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
logger.info("PVP2 Contact: Company is not valid: " + check);
errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY,
"Contact - Company",
LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
}
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
logger.info("PVP2 Contact: GivenName is not valid: " + check);
errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME,
"Contact - GivenName",
LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
}
check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL));
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
logger.info("PVP2 Contact: SureName is not valid: " + check);
errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME,
"Contact - FamilyName",
LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
index df67ca2f1..309e0745b 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
@@ -116,14 +116,14 @@ public static final List<String> KEYWHITELIST;
log.trace("Extract C-PEPS for country: " + cc + " with URL:" + url);
if (!validatedCPeps.containsKey(cc)) {
if (MiscUtil.isNotEmpty(cc)) {
- if (ValidationHelper.containsPotentialCSSCharacter(cc, false)) {
+ if (ValidationHelper.containsNotValidCharacter(cc, false)) {
log.warn("CPEPS config countrycode contains potentail XSS characters: " + cc);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ "." + cpepsKey,
"STORK - CPEPS Country",
LanguageHelper.getErrorString("validation.stork.cpeps.cc",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
if(!cc.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) {
log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + cc);
@@ -215,13 +215,13 @@ public static final List<String> KEYWHITELIST;
String value = attributeList.get(key);
value = value.replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
if (!validatedAttributes.contains(value)) {
- if (ValidationHelper.containsPotentialCSSCharacter(value, true)) {
+ if (ValidationHelper.containsNotValidCharacter(value, true)) {
log.warn("default attributes contains potentail XSS characters: " + value);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA,
"STORK - Attributes",
LanguageHelper.getErrorString("validation.stork.requestedattributes",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)})));
}
if(!value.toLowerCase().matches("^[A-Za-z]*$")) {
log.warn("default attributes do not match the requested format : " + value);
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
index 05467c3bc..25855dcb6 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
@@ -220,13 +220,13 @@ public class ServicesAuthenticationInformationTask extends AbstractTaskValidator
String checkUseMandate = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_USE);
if (MiscUtil.isNotEmpty(checkUseMandate) && Boolean.parseBoolean(checkUseMandate)) {
check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES);
- if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ if (ValidationHelper.containsNotValidCharacter(check, true)) {
log.warn("MandateProfiles contains potentail XSS characters: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES,
"Mandates - Profiles",
LanguageHelper.getErrorString("validation.general.mandate.profiles",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)}) ));
}
}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java
index f8ce21c99..83e6cb234 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java
@@ -153,13 +153,13 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I
//validate aditionalAuthBlockText
String check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT);
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT,
"AuthBlock - Addition AuthBlocktext",
LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
}
@@ -172,7 +172,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I
try {
String bkuSelectTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME);
if (MiscUtil.isNotEmpty(bkuSelectTemplateUploadedFileName)) {
- if (ValidationHelper.containsPotentialCSSCharacter(bkuSelectTemplateUploadedFileName, false)) {
+ if (ValidationHelper.containsNotValidCharacter(bkuSelectTemplateUploadedFileName, false)) {
log.info("BKU Selection Filename is not valid");
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME,
@@ -221,7 +221,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I
try {
String sendAssertionTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME);
if (MiscUtil.isNotEmpty(sendAssertionTemplateUploadedFileName)) {
- if (ValidationHelper.containsPotentialCSSCharacter(sendAssertionTemplateUploadedFileName, false)) {
+ if (ValidationHelper.containsNotValidCharacter(sendAssertionTemplateUploadedFileName, false)) {
log.info("Send Assertion Filename is not valid");
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME,
@@ -342,13 +342,13 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I
check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT);
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("HeaderText contains potentail XSS characters: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT,
"Templates - Header Text",
LanguageHelper.getErrorString("validation.general.form.header.text",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}) ));
}
}
@@ -407,13 +407,13 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I
check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE);
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ if (ValidationHelper.containsNotValidCharacter(check, true)) {
log.warn("FontType contains potentail XSS characters: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE,
"Templates - Font Type",
LanguageHelper.getErrorString("validation.general.form.fonttype",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)}) ));
}
}
@@ -425,7 +425,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I
MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT,
"Templates - Applet Height",
LanguageHelper.getErrorString("validation.general.form.applet.height",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)}) ));
}
}
@@ -437,7 +437,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I
MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH,
"Templates - Applet Width",
LanguageHelper.getErrorString("validation.general.form.applet.width",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)}) ));
}
}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java
index 86d047c74..5ff157b3b 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java
@@ -107,13 +107,13 @@ public class ServicesGeneralInformationTask extends AbstractTaskValidator implem
String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME);
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("OAFriendlyName contains potentail XSS characters: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME,
"FriendlyName",
LanguageHelper.getErrorString("validation.general.oafriendlyname.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
} else {
log.info("OA friendlyName is empty");
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
index 5d23a60f6..e8d49a391 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
@@ -113,13 +113,13 @@ public class ServicesTargetTask extends AbstractTaskValidator implements ITaskVa
LanguageHelper.getErrorString("validation.general.identificationnumber.empty")));
} else {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("IdentificationNumber contains potentail XSS characters: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE,
"BusinessService - Value",
LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}) ));
}
if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE)
@@ -142,13 +142,13 @@ public class ServicesTargetTask extends AbstractTaskValidator implements ITaskVa
if (MiscUtil.isNotEmpty(useOwnTarget) && Boolean.parseBoolean(useOwnTarget)) {
check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME);
if (MiscUtil.isNotEmpty(check)) {
- if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ if (ValidationHelper.containsNotValidCharacter(check, false)) {
log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME,
"Own Target - FriendlyName",
LanguageHelper.getErrorString("validation.general.targetfriendlyname",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)}) ));
}
}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java
index 01ae2a354..0a0c4b06d 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/validation/ValidationHelper.java
@@ -22,11 +22,6 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.commons.validation;
-import iaik.asn1.ObjectID;
-import iaik.utils.Util;
-import iaik.x509.X509Certificate;
-import iaik.x509.X509ExtensionInitException;
-
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
@@ -45,6 +40,10 @@ import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import at.gv.egovernment.moa.logging.Logger;
+import iaik.asn1.ObjectID;
+import iaik.utils.Util;
+import iaik.x509.X509Certificate;
+import iaik.x509.X509ExtensionInitException;
public class ValidationHelper {
@@ -322,7 +321,7 @@ public class ValidationHelper {
return "; % \" ' ` , < > \\";
}
- public static boolean containsPotentialCSSCharacter(String param, boolean commaallowed) {
+ public static boolean containsNotValidCharacter(String param, boolean commaallowed) {
if (param == null) {
return false;
@@ -340,7 +339,7 @@ public class ValidationHelper {
param.indexOf("/") != -1;
}
- public static String getPotentialCSSCharacter(boolean commaallowed) {
+ public static String getNotValidCharacter(boolean commaallowed) {
if (commaallowed)
return "; % \" ' ` < > \\ /";