diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation')
8 files changed, 57 insertions, 57 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java index c9a174813..4ef4bc762 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/FormularCustomizationValitator.java @@ -94,10 +94,10 @@ public class FormularCustomizationValitator { check = form.getHeader_text(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("HeaderText contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.form.header.text", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -144,10 +144,10 @@ public class FormularCustomizationValitator { check = form.getFontType(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.warn("FontType contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.form.fonttype", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } } @@ -156,7 +156,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.validateNumber(check)) { log.warn("Applet height "+ check + " is no valid number"); errors.add(LanguageHelper.getErrorString("validation.general.form.applet.height", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } } @@ -165,7 +165,7 @@ public class FormularCustomizationValitator { if (!ValidationHelper.validateNumber(check)) { log.warn("Applet width "+ check + " is no valid number"); errors.add(LanguageHelper.getErrorString("validation.general.form.applet.width", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java index 44afd0599..f0594c38d 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java @@ -62,10 +62,10 @@ public class UserDatabaseFormValidator { if (!isPVP2Generated) { check = form.getGivenName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("GivenName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("GivenName is empty"); @@ -75,10 +75,10 @@ public class UserDatabaseFormValidator { check = form.getFamilyName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("FamilyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("FamilyName is empty"); @@ -89,10 +89,10 @@ public class UserDatabaseFormValidator { if (!isMandateUser) { check = form.getInstitut(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("Organisation contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("Organisation is empty"); @@ -105,7 +105,7 @@ public class UserDatabaseFormValidator { if (!ValidationHelper.isEmailAddressFormat(check)) { log.warn("Mailaddress is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("Mailaddress is empty"); @@ -114,10 +114,10 @@ public class UserDatabaseFormValidator { check = form.getPhone(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("Phonenumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } else { log.warn("Phonenumber is empty"); @@ -127,10 +127,10 @@ public class UserDatabaseFormValidator { if (form.isIsusernamepasswordallowed()) { check = form.getUsername(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("Username contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } else { UserDatabase dbuser = newConfigRead.getUserWithUserName(check); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java index 70c43d9b4..717a0c827 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/MOAConfigValidator.java @@ -55,10 +55,10 @@ public class MOAConfigValidator { String check = form.getSaml1SourceID(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("SAML1 SourceID contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.SAML1SourceID", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -217,10 +217,10 @@ public class MOAConfigValidator { log.info("Empty MOA-SP/SS Authblock TrustProfile"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Authblock TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -229,10 +229,10 @@ public class MOAConfigValidator { log.info("Empty MOA-SP/SS IdentityLink TrustProfile"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("IdentityLink TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -241,10 +241,10 @@ public class MOAConfigValidator { log.info("Empty MOA-SP/SS Test-Authblock TrustProfile"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Test-Authblock TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -253,10 +253,10 @@ public class MOAConfigValidator { log.info("Empty MOA-SP/SS Test-IdentityLink TrustProfile"); errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Test-IdentityLink TrustProfile is not valid: " +check); errors.add(LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -271,28 +271,28 @@ public class MOAConfigValidator { check = form.getPvp2IssuerName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 IssuerName is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } check = form.getPvp2OrgDisplayName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 organisation display name is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } check = form.getPvp2OrgName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 organisation name is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -347,10 +347,10 @@ public class MOAConfigValidator { check = form.getSsoFriendlyName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("SSO friendlyname is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } @@ -373,10 +373,10 @@ public class MOAConfigValidator { check = form.getSsoSpecialText(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.info("SSO SpecialText is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} , request)); + new Object[] {ValidationHelper.getNotValidCharacter(true)} , request)); } } @@ -388,10 +388,10 @@ public class MOAConfigValidator { } else { if (!ValidationHelper.isValidAdminTarget(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.sso.target.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } String num = check.replaceAll(" ", ""); @@ -440,7 +440,7 @@ public class MOAConfigValidator { String filename = form.getFileUploadFileName().get(i); if (MiscUtil.isNotEmpty(filename)) { - if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) { + if (ValidationHelper.containsNotValidCharacter(filename, false)) { log.info("SL Transformation Filename is not valid"); errors.add(LanguageHelper.getErrorString("validation.general.slrequest.filename.valid", request)); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java index e4a091c7e..f7edbee71 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/PVP2ContactValidator.java @@ -52,28 +52,28 @@ public class PVP2ContactValidator { String check = contact.getCompany(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 Contact: Company is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } check = contact.getGivenname(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 Contact: GivenName is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } check = contact.getSurname(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("PVP2 Contact: SureName is not valid: " + check); errors.add(LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java index fbd2f3bb3..41fce8e60 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java @@ -38,10 +38,10 @@ public class StorkConfigValidator { // check country code String check = current.getCountryCode(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("CPEPS config countrycode contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } if(!check.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) { log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check); @@ -95,10 +95,10 @@ public class StorkConfigValidator { for(StorkAttribute check : form.getAttributes()) { if (check != null && MiscUtil.isNotEmpty(check.getName())) { String tmp = check.getName().replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? - if (ValidationHelper.containsPotentialCSSCharacter(tmp, true)) { + if (ValidationHelper.containsNotValidCharacter(tmp, true)) { log.warn("default attributes contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } if(!tmp.toLowerCase().matches("^[A-Za-z]*$")) { log.warn("default attributes do not match the requested format : " + check); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java index 7e6396b75..a758088b1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java @@ -140,10 +140,10 @@ public class OAAuthenticationDataValidation { errors.add(LanguageHelper.getErrorString("validation.general.mandate.usemandate", request)); } - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.warn("MandateProfiles contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}, request )); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java index d2dac3b28..2011a07f1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAFileUploadValidation.java @@ -66,7 +66,7 @@ public class OAFileUploadValidation { String filename = fileName.get(i); if (MiscUtil.isNotEmpty(filename)) { - if (ValidationHelper.containsPotentialCSSCharacter(filename, false)) { + if (ValidationHelper.containsNotValidCharacter(filename, false)) { log.info("Filename is not valid"); errors.add(LanguageHelper.getErrorString(errorMsgPreFix + ".filename.valid", request)); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java index 0062beb96..ca0231577 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java @@ -64,10 +64,10 @@ public class OATargetConfigValidation { errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty", request)); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } if (form.getIdentificationType().equals(Constants.IDENIFICATIONTYPE_FN)) { @@ -129,10 +129,10 @@ public class OATargetConfigValidation { //check targetFrindlyName(); check = form.getTargetFriendlyName(); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("TargetFriendlyName contains potentail XSS characters: " + check); errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}, request )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}, request )); } } |