diff options
Diffstat (limited to 'id/moa-id-webgui/src/main')
7 files changed, 52 insertions, 52 deletions
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java index e229b6ef4..c9ad63121 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java @@ -106,13 +106,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme String check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID, getKeyPrefix())); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("SAML1 SourceID contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID, "SAML1 - SourceID", LanguageHelper.getErrorString("validation.general.SAML1SourceID", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } @@ -293,13 +293,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - AuthBlocktransformation", LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("IdentityLinkSigners is not valid: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM, "MOA-SP - AuthBlocktransformationx", LanguageHelper.getErrorString("validation.general.moasp.auth.transformation.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ))); + new Object[] {ValidationHelper.getNotValidCharacter(false)} ))); } } @@ -312,13 +312,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - TrustProfile AuthBlock", LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Authblock TrustProfile is not valid: " +check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD, "MOA-SP - TrustProfile AuthBlock", LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -330,13 +330,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - TrustProfile IdL", LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("IdentityLink TrustProfile is not valid: " +check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD, "MOA-SP - TrustProfile IdL", LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -348,13 +348,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - Test-TrustProfile AuthBlock", LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("Authblock Test-TrustProfile is not valid: " +check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD, "MOA-SP - Test-TrustProfile AuthBlock", LanguageHelper.getErrorString("validation.general.moasp.auth.trustprofile.test.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -366,13 +366,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme "MOA-SP - Test-TrustProfile IdL", LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("IdentityLink Test-TrustProfile is not valid: " +check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD, "MOA-SP - Test-TrustProfile IdL", LanguageHelper.getErrorString("validation.general.moasp.idl.trustprofile.test.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -430,25 +430,25 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME, getKeyPrefix())); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.info("SSO friendlyname is not valid: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_SSO_SERVICENAME, "SSO - Servicename", LanguageHelper.getErrorString("validation.general.sso.friendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT, getKeyPrefix())); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.info("SSO SpecialText is not valid: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_SSO_AUTHBLOCK_TEXT, "SSO - AuthBlocktext", LanguageHelper.getErrorString("validation.general.sso.specialauthtext.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ))); + new Object[] {ValidationHelper.getNotValidCharacter(true)} ))); } } @@ -465,13 +465,13 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme //TODO: maybe store full bPK target (incl. prefix) if (!ValidationHelper.isValidAdminTarget(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_SSO_TARGET, "SSO - Target", LanguageHelper.getErrorString("validation.general.sso.target.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } String num = check.replaceAll(" ", ""); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java index a593b5461..cdd2a7ce2 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java @@ -90,35 +90,35 @@ public class GeneralPVP2XConfigurationTask extends AbstractTaskValidator impleme String check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 IssuerName is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME, "Service Name", LanguageHelper.getErrorString("validation.general.protocol.pvp2.issuername.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 organisation display name is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME, "Organisation - Full name", LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.displayname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 organisation name is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME, "Organisation - Short name", LanguageHelper.getErrorString("validation.general.protocol.pvp2.org.name.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } @@ -135,34 +135,34 @@ public class GeneralPVP2XConfigurationTask extends AbstractTaskValidator impleme check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 Contact: Company is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY, "Contact - Company", LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.company.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 Contact: GivenName is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME, "Contact - GivenName", LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.givenname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME, MOAIDConfigurationConstants.PREFIX_MOAID_GENERAL)); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { logger.info("PVP2 Contact: SureName is not valid: " + check); errors.add(new ValidationObjectIdentifier(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME, "Contact - FamilyName", LanguageHelper.getErrorString("validation.general.protocol.pvp2.contact.surename.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java index df67ca2f1..309e0745b 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java @@ -116,14 +116,14 @@ public static final List<String> KEYWHITELIST; log.trace("Extract C-PEPS for country: " + cc + " with URL:" + url); if (!validatedCPeps.containsKey(cc)) { if (MiscUtil.isNotEmpty(cc)) { - if (ValidationHelper.containsPotentialCSSCharacter(cc, false)) { + if (ValidationHelper.containsNotValidCharacter(cc, false)) { log.warn("CPEPS config countrycode contains potentail XSS characters: " + cc); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + "." + cpepsKey, "STORK - CPEPS Country", LanguageHelper.getErrorString("validation.stork.cpeps.cc", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } if(!cc.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) { log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + cc); @@ -215,13 +215,13 @@ public static final List<String> KEYWHITELIST; String value = attributeList.get(key); value = value.replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI? if (!validatedAttributes.contains(value)) { - if (ValidationHelper.containsPotentialCSSCharacter(value, true)) { + if (ValidationHelper.containsNotValidCharacter(value, true)) { log.warn("default attributes contains potentail XSS characters: " + value); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA, "STORK - Attributes", LanguageHelper.getErrorString("validation.stork.requestedattributes", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}))); + new Object[] {ValidationHelper.getNotValidCharacter(true)}))); } if(!value.toLowerCase().matches("^[A-Za-z]*$")) { log.warn("default attributes do not match the requested format : " + value); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java index 05467c3bc..25855dcb6 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java @@ -220,13 +220,13 @@ public class ServicesAuthenticationInformationTask extends AbstractTaskValidator String checkUseMandate = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_USE); if (MiscUtil.isNotEmpty(checkUseMandate) && Boolean.parseBoolean(checkUseMandate)) { check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES); - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.warn("MandateProfiles contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES, "Mandates - Profiles", LanguageHelper.getErrorString("validation.general.mandate.profiles", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}) )); } } diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java index f8ce21c99..83e6cb234 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java @@ -153,13 +153,13 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I //validate aditionalAuthBlockText String check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT, "AuthBlock - Addition AuthBlocktext", LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } @@ -172,7 +172,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I try { String bkuSelectTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME); if (MiscUtil.isNotEmpty(bkuSelectTemplateUploadedFileName)) { - if (ValidationHelper.containsPotentialCSSCharacter(bkuSelectTemplateUploadedFileName, false)) { + if (ValidationHelper.containsNotValidCharacter(bkuSelectTemplateUploadedFileName, false)) { log.info("BKU Selection Filename is not valid"); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME, @@ -221,7 +221,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I try { String sendAssertionTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME); if (MiscUtil.isNotEmpty(sendAssertionTemplateUploadedFileName)) { - if (ValidationHelper.containsPotentialCSSCharacter(sendAssertionTemplateUploadedFileName, false)) { + if (ValidationHelper.containsNotValidCharacter(sendAssertionTemplateUploadedFileName, false)) { log.info("Send Assertion Filename is not valid"); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME, @@ -342,13 +342,13 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("HeaderText contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT, "Templates - Header Text", LanguageHelper.getErrorString("validation.general.form.header.text", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } @@ -407,13 +407,13 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + if (ValidationHelper.containsNotValidCharacter(check, true)) { log.warn("FontType contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE, "Templates - Font Type", LanguageHelper.getErrorString("validation.general.form.fonttype", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}) )); } } @@ -425,7 +425,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT, "Templates - Applet Height", LanguageHelper.getErrorString("validation.general.form.applet.height", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}) )); } } @@ -437,7 +437,7 @@ public class ServicesBKUSelectionTask extends AbstractTaskValidator implements I MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH, "Templates - Applet Width", LanguageHelper.getErrorString("validation.general.form.applet.width", - new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(true)}) )); } } diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java index 86d047c74..5ff157b3b 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java @@ -107,13 +107,13 @@ public class ServicesGeneralInformationTask extends AbstractTaskValidator implem String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("OAFriendlyName contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, "FriendlyName", LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } else { log.info("OA friendlyName is empty"); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java index 5d23a60f6..e8d49a391 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java @@ -113,13 +113,13 @@ public class ServicesTargetTask extends AbstractTaskValidator implements ITaskVa LanguageHelper.getErrorString("validation.general.identificationnumber.empty"))); } else { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("IdentificationNumber contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, "BusinessService - Value", LanguageHelper.getErrorString("validation.general.identificationnumber.valid", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE) @@ -142,13 +142,13 @@ public class ServicesTargetTask extends AbstractTaskValidator implements ITaskVa if (MiscUtil.isNotEmpty(useOwnTarget) && Boolean.parseBoolean(useOwnTarget)) { check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME); if (MiscUtil.isNotEmpty(check)) { - if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("TargetFriendlyName contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME, "Own Target - FriendlyName", LanguageHelper.getErrorString("validation.general.targetfriendlyname", - new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + new Object[] {ValidationHelper.getNotValidCharacter(false)}) )); } } |