Java Code Examples for org.apache.commons.lang.StringEscapeUtils#unescapeXml()

The following examples show how to use org.apache.commons.lang.StringEscapeUtils#unescapeXml(). Each example names the project and source file it was taken from.
Example 1
Source File: DataSourceDAOHibImpl.java    From Knowage-Server with GNU Affero General Public License v3.0 6 votes vote down vote up
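/**
 * Escapes or unescapes the text found between the first {@code <STMT>} tag and the
 * {@code </STMT>} tag that follows it, leaving the rest of {@code prov} untouched.
 *
 * <p>If {@code prov} is {@code null}, or does not contain a complete
 * {@code <STMT>...</STMT>} pair in that order, it is returned unchanged. Previously a
 * missing opening tag made the code slice from a meaningless offset and a missing
 * closing tag raised {@link StringIndexOutOfBoundsException}.
 *
 * <p>With {@code escape == false} the decoded statement may contain {@code <},
 * {@code >} or {@code &}, so the returned document is no longer guaranteed to be
 * well-formed XML; escape it again before handing it to an XML parser or writer.
 *
 * @param prov   document text that carries the {@code <STMT>} element
 * @param escape {@code true} to XML-escape the statement, {@code false} to unescape it
 * @return {@code prov} with the statement text replaced by its converted form
 */
private String escapeXML(String prov, boolean escape) {
	final String openTag = "<STMT>";
	final String closeTag = "</STMT>";

	if (prov == null) {
		return null;
	}

	int openIndex = prov.indexOf(openTag);
	if (openIndex < 0) {
		// No statement element: nothing to convert.
		return prov;
	}
	int statementStart = openIndex + openTag.length();

	// Search only after the opening tag so a stray earlier "</STMT>" cannot invert the range.
	int statementEnd = prov.indexOf(closeTag, statementStart);
	if (statementEnd < 0) {
		return prov;
	}

	String statement = prov.substring(statementStart, statementEnd);
	statement = escape
			? StringEscapeUtils.escapeXml(statement)
			: StringEscapeUtils.unescapeXml(statement);

	return prov.substring(0, statementStart) + statement + prov.substring(statementEnd);
}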
 
Example 2
Source File: EscapeUtils.java    From common_gui_tools with Apache License 2.0 6 votes vote down vote up
/**
 * Reverses the escaping of {@code string} for the escape flavour named by {@code type}.
 *
 * <p>HTML, XML, Java, JavaScript and CSV are delegated to the matching
 * {@code StringEscapeUtils} unescape method. SQL escaping cannot be reversed; for SQL,
 * and for any type that matches none of the constants, a human-readable message is
 * returned in place of a result. Callers therefore cannot tell a failure from real
 * output by looking at the return type alone.
 *
 * @param string the escaped text
 * @param type   the escape flavour, compared against the {@code LanguageUtils.CONST_*} values
 * @return the unescaped text, or a message string when the type is SQL or unknown
 */
public static String unescape(String string, String type) {
    if (type.equals(LanguageUtils.CONST_HTML)) {
        return StringEscapeUtils.unescapeHtml(string);
    }
    if (type.equals(LanguageUtils.CONST_XML)) {
        return StringEscapeUtils.unescapeXml(string);
    }
    if (type.equals(LanguageUtils.CONST_SQL)) {
        // Message text: "escaped characters cannot be restored", prefixed with the type name.
        return type + "转义字符不能进行还原";
    }
    if (type.equals(LanguageUtils.CONST_JAVA)) {
        return StringEscapeUtils.unescapeJava(string);
    }
    if (type.equals(LanguageUtils.CONST_JavaScript)) {
        return StringEscapeUtils.unescapeJavaScript(string);
    }
    if (type.equals(LanguageUtils.CONST_CSV)) {
        return StringEscapeUtils.unescapeCsv(string);
    }
    // Unknown type. Message text: "an error occurred while restoring escaped characters".
    return "转义字符还原遇到错误";
}
 
Example 3
Source File: Const.java    From hop with Apache License 2.0 5 votes vote down vote up
/**
 * Unescapes XML content, i.e. replaces entity references such as {@code &lt;} and
 * {@code &amp;} with the characters they stand for.
 *
 * <p>The result can contain raw markup characters; escape it again before embedding it
 * in XML or HTML output.
 *
 * @param content the escaped text
 * @return {@code content} itself when {@code Utils.isEmpty( content )} is true,
 *         otherwise the unescaped text
 */
public static String unEscapeXml( String content ) {
  return Utils.isEmpty( content ) ? content : StringEscapeUtils.unescapeXml( content );
}
 
Example 4
Source File: RuleParser.java    From ciscorouter with MIT License 5 votes vote down vote up
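/**
 * Loads a {@code Rule} from an XML rule file.
 *
 * <p>The file's root element must contain {@code Name}, {@code Description},
 * {@code Severity} and {@code Rules} children, and every child of {@code Rules} must
 * contain a {@code Parameter} and an {@code Argument} element. A file that cannot be
 * read or parsed, or that lacks one of these elements, is logged at SEVERE level and
 * yields {@code null}; previously a missing element surfaced as an uncaught
 * {@link NullPointerException}.
 *
 * @param f the file to load the rule from
 * @return the parsed rule, or {@code null} if the file could not be turned into one
 */
public static Rule getRuleFromFile(File f) {
    try {
        // NOTE(review): the Builder is created with its default parser and no hardening is
        // visible here. If rule files can come from an untrusted source, confirm that DTD and
        // external-entity processing are disabled on the underlying XML reader.
        Builder parser = new Builder();
        Document doc = parser.build(f);
        Element root = doc.getRootElement();

        Element name = root.getFirstChildElement("Name");
        Element desc = root.getFirstChildElement("Description");
        Element severity = root.getFirstChildElement("Severity");
        Element ruledef = root.getFirstChildElement("Rules");
        if (name == null || desc == null || severity == null || ruledef == null) {
            Logger.getLogger(RuleParser.class.getName()).log(Level.SEVERE,
                    "Rule file {0} lacks a Name, Description, Severity or Rules element", f);
            return null;
        }

        Elements rules = ruledef.getChildElements();
        String[] settings = new String[rules.size()];
        String[] params = new String[rules.size()];
        for (int i = 0; i < rules.size(); i++) {
            Element rule = rules.get(i);
            Element sett = rule.getFirstChildElement("Parameter");
            Element arg = rule.getFirstChildElement("Argument");
            if (sett == null || arg == null) {
                Logger.getLogger(RuleParser.class.getName()).log(Level.SEVERE,
                        "Rule file {0}: entry {1} lacks a Parameter or Argument element",
                        new Object[] {f, i});
                return null;
            }
            // NOTE(review): getValue() returns text the parser has already entity-decoded, so
            // unescapeXml is a second decoding pass; text that was double-escaped in the rule
            // file comes out as raw markup. Kept as in the original.
            settings[i] = StringEscapeUtils.unescapeXml(sett.getValue());
            params[i] = StringEscapeUtils.unescapeXml(arg.getValue());
        }

        return new Rule(
                StringEscapeUtils.unescapeXml(name.getValue()),
                StringEscapeUtils.unescapeXml(desc.getValue()),
                severity.getValue(),
                settings,
                params);
    } catch (ParsingException | IOException ex) {
        Logger.getLogger(RuleParser.class.getName()).log(Level.SEVERE, null, ex);
        return null;
    }
}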
 
Example 5
Source File: WAF.java    From Aooms with Apache License 2.0 4 votes vote down vote up
/**
 * Decodes XML entity references in {@code str} back to literal characters.
 *
 * <p>Despite the name, this performs no XSS filtering: it is a plain call to
 * {@code StringEscapeUtils.unescapeXml}. The result can contain {@code <}, {@code >},
 * {@code &} and quote characters, so it must be encoded again for its output context
 * before being written into HTML or XML.
 *
 * @param str the entity-encoded text
 * @return the decoded text
 */
public static String unescapeXss(String str) {
	final String decoded = StringEscapeUtils.unescapeXml(str);
	return decoded;
}
 
Example 6
Source File: EncodeUtils.java    From DWSurvey with GNU Affero General Public License v3.0 4 votes vote down vote up
/**
 * Decodes XML entity references in the given text.
 *
 * <p>The decoded text can contain raw markup characters; encode it again before placing
 * it into XML or HTML output.
 *
 * @param xmlEscaped the XML-escaped text
 * @return the text with entity references replaced by the characters they denote
 */
public static String xmlUnescape(String xmlEscaped) {
	final String decoded = StringEscapeUtils.unescapeXml(xmlEscaped);
	return decoded;
}
 
Example 7
Source File: SequenceFlowParser.java    From uflo with Apache License 2.0 4 votes vote down vote up
/**
 * Passes {@code str} through XML escaping followed by XML unescaping; empty input (as
 * judged by {@code StringUtils.isEmpty}) is returned as is.
 *
 * <p>NOTE(review): because the text is escaped first, entity references already present
 * in {@code str} are themselves encoded and then restored, so the round trip appears to
 * hand back the input without decoding it. Confirm whether a plain
 * {@code unescapeXml} call was intended before relying on this to decode anything.
 *
 * @param str the text to process
 * @return the result of escaping and then unescaping {@code str}
 */
protected String unescape(String str){
	if(StringUtils.isEmpty(str)){
		return str;
	}
	final String escaped=StringEscapeUtils.escapeXml(str);
	return StringEscapeUtils.unescapeXml(escaped);
}
 
Example 8
Source File: AbstractDeclarativeValidValidator.java    From dsl-devkit with Eclipse Public License 1.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>The message is XML-unescaped before it is passed to the superclass, so the text
 * that reaches it may contain literal {@code <}, {@code >} and {@code &} characters.
 */
@Override
public void acceptError(final String message, final EObject object, final EStructuralFeature feature, final int index, final String code, final String... issueData) {
  final String decodedMessage = StringEscapeUtils.unescapeXml(message);
  super.acceptError(decodedMessage, object, feature, index, code, issueData);
}
 
Example 9
Source File: AbstractDeclarativeValidValidator.java    From dsl-devkit with Eclipse Public License 1.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>The message is XML-unescaped before it is passed to the superclass, so the text
 * that reaches it may contain literal {@code <}, {@code >} and {@code &} characters.
 */
@Override
public void acceptWarning(final String message, final EObject object, final EStructuralFeature feature, final int index, final String code, final String... issueData) {
  final String decodedMessage = StringEscapeUtils.unescapeXml(message);
  super.acceptWarning(decodedMessage, object, feature, index, code, issueData);
}
 
Example 10
Source File: SOAPXMLInjectionActiveScanRule.java    From zap-extensions with Apache License 2.0 4 votes vote down vote up
/**
 * Active-scan check for XML injection through one parameter of a SOAP request.
 *
 * <p>Two variants of the request are built with {@code craftAttackMessage}: one in which
 * the parameter carries a modified value, and one in which the parameter carries the
 * original value followed by a closing tag, a reopened tag of the same name and the
 * modified value. The second body is XML-unescaped so the added tags travel as markup.
 * Both are sent, and an alert is raised when the second response is not SOAP at all, or
 * when it equals the response to the modified request while differing from the baseline
 * response (which indicates the server took the injected element as the parameter).
 *
 * <p>Non-SOAP requests are ignored. Any exception is logged and swallowed.
 *
 * @param msg        the request under test
 * @param paramName  name of the parameter being tested
 * @param paramValue original value of that parameter
 */
@Override
public void scan(HttpMessage msg, String paramName, String paramValue) {
    try {
        /* This scan is only applied to SOAP messages. */
        // NOTE(review): new String(byte[]) decodes with the platform default charset even
        // though the body's own charset is read on the next line; bodies in another
        // encoding may be mis-decoded. The same pattern recurs below for the attack
        // request and the response.
        final String request = new String(msg.getRequestBody().getBytes());
        final String reqCharset = msg.getRequestBody().getCharset();
        if (this.isStop()) return;
        if (isSoapMessage(request, reqCharset)) {
            String paramValue2 = paramValue + "_modified";
            String finalValue =
                    paramValue + "</" + paramName + "><" + paramName + ">" + paramValue2;
            /* Request message that contains the modified value. */
            HttpMessage modifiedMsg = craftAttackMessage(msg, paramName, paramValue2);
            if (modifiedMsg == null) return;
            /* Request message that contains the XML code to be injected. */
            HttpMessage attackMsg = craftAttackMessage(msg, paramName, finalValue);
            // The crafted body is unescaped as a whole, which turns the entity-encoded
            // tags in finalValue back into markup. It also decodes any other entities
            // in the body.
            final String escapedContent = new String(attackMsg.getRequestBody().getBytes());
            final String unescapedContent = StringEscapeUtils.unescapeXml(escapedContent);
            attackMsg.setRequestBody(unescapedContent);
            /* Sends the modified request. */
            // isStop() is polled between every network step so a cancelled scan ends promptly.
            if (this.isStop()) return;
            sendAndReceive(modifiedMsg);
            if (this.isStop()) return;
            sendAndReceive(attackMsg);
            if (this.isStop()) return;
            /* Analyzes the response. */
            final String response = new String(attackMsg.getResponseBody().getBytes());
            final String resCharset = attackMsg.getResponseBody().getCharset();
            final HttpMessage originalMsg = getBaseMsg();
            if (this.isStop()) return;
            if (!isSoapMessage(response, resCharset)) {
                /*
                 * Response has no SOAP format. It is still notified since it is an unexpected
                 * result.
                 */
                newAlert()
                        .setRisk(Alert.RISK_LOW)
                        .setConfidence(Alert.CONFIDENCE_MEDIUM)
                        .setAttack(finalValue)
                        .setOtherInfo(Constant.messages.getString(MESSAGE_PREFIX + "warn1"))
                        .setMessage(attackMsg)
                        .raise();
            } else if (responsesAreEqual(modifiedMsg, attackMsg)
                    && !(responsesAreEqual(originalMsg, modifiedMsg))) {
                /*
                 * The attack message has achieved the same result as the modified message, so
                 * XML injection attack worked.
                 */
                // The second condition excludes servers that answer identically whatever the
                // parameter value is; without it every such endpoint would be reported.
                newAlert()
                        .setConfidence(Alert.CONFIDENCE_MEDIUM)
                        .setAttack(finalValue)
                        .setOtherInfo(Constant.messages.getString(MESSAGE_PREFIX + "warn2"))
                        .setMessage(attackMsg)
                        .raise();
            }
        }
    } catch (Exception e) {
        // Broad catch: a failure in crafting, sending or comparing ends this check with a
        // log entry only, so a scan error is indistinguishable from "no finding" in the results.
        LOG.error(e.getMessage(), e);
    }
}
 
Example 11
Source File: DroidDrawHandler.java    From DroidUIBuilder with Apache License 2.0 4 votes vote down vote up
/**
 * Looks up the attribute called {@code name} in {@code atts} and returns its value after
 * XML unescaping.
 *
 * <p>NOTE(review): if {@code atts} is delivered by a SAX parser the value has presumably
 * been entity-decoded already, which would make this a second decoding pass; confirm
 * that double-escaped attribute text is expected.
 *
 * @param atts the attribute set to read from
 * @param name the qualified attribute name
 * @return the unescaped attribute value
 */
private String getValue(Attributes atts, String name)
{
	final String rawValue = atts.getValue(name);
	return StringEscapeUtils.unescapeXml(rawValue);
}
 
Example 12
Source File: ExportService.java    From axelor-open-suite with GNU Affero General Public License v3.0 4 votes vote down vote up
/**
 * Serialises action-builder lines, and recursively their sub-lines, into a run of
 * {@code <line>} elements.
 *
 * <p>For a line without a parent, target and source are taken from its action builder;
 * for a nested line they are derived from the parent's fields, with later matches
 * overriding earlier ones. Each element is written on its own line, indented with
 * {@code count} tab characters.
 *
 * <p>NOTE(review): field values are concatenated into the markup without XML escaping,
 * and the finished string is passed through {@code unescapeXml}. Any value containing
 * {@code <}, {@code >} or {@code &} (literally or as an entity) therefore ends up as raw
 * markup in the output, and nested levels are unescaped once per enclosing level.
 * Confirm that the consumer of this text expects that, and that the values cannot be
 * influenced by untrusted users.
 *
 * @param lines the lines to export
 * @param count indentation depth, in tabs
 * @return the generated text
 */
public static String exportActionBuilderLines(List<ActionBuilderLine> lines, int count) {

  final String indent = "\n" + Strings.repeat("\t", count);
  final StringBuilder xml = new StringBuilder();

  for (ActionBuilderLine line : lines) {

    String source = "";
    String target = "";

    if (line.getParent() == null) {
      // Top-level line: models come from the owning action builder, if there is one.
      ActionBuilder builder = line.getActionBuilder();
      if (builder != null) {
        target = builder.getTargetModel();
        source = builder.getModel();
        if (builder.getTypeSelect() == ActionBuilderRepository.TYPE_SELECT_UPDATE) {
          target = builder.getModel();
        }
      }
    } else {
      // Nested line: each later check overrides the result of the earlier ones.
      ActionBuilderLine parent = line.getParent();
      if (parent.getMetaField() != null) {
        target = parent.getMetaField().getTypeName();
      }
      if (parent.getMetaJsonField() != null && parent.getMetaJsonField().getTargetModel() != null) {
        target = parent.getMetaJsonField().getTargetModel();
      }
      if (parent.getMetaJsonField() != null
          && parent.getMetaJsonField().getTargetJsonModel() != null) {
        target = parent.getMetaJsonField().getTargetJsonModel().getName();
      }
      if (parent.getValueField() != null) {
        source = parent.getValueField().getMetaModel().getFullName();
      }
      if (parent.getValueJson() != null && parent.getValueJson().getTargetModel() != null) {
        source = parent.getValueJson().getTargetModel();
      }
      if (parent.getValueJson() != null && parent.getValueJson().getTargetJsonModel() != null) {
        source = parent.getValueJson().getTargetJsonModel().getName();
      }
    }

    xml.append(indent).append("<line>");
    appendElement(xml, indent, "target", target);
    appendElement(xml, indent, "source", source);
    appendElement(
        xml,
        indent,
        "metaJsonField",
        line.getMetaJsonField() != null ? line.getMetaJsonField().getName() : "");
    appendElement(
        xml, indent, "metaField", line.getMetaField() != null ? line.getMetaField().getName() : "");
    appendElement(
        xml, indent, "valueJson", line.getValueJson() != null ? line.getValueJson().getName() : "");
    appendElement(
        xml,
        indent,
        "valueField",
        line.getValueField() != null ? line.getValueField().getName() : "");
    appendElement(xml, indent, "value", line.getValue() != null ? line.getValue() : "");
    appendElement(
        xml, indent, "conditionText", line.getConditionText() != null ? line.getConditionText() : "");
    appendElement(xml, indent, "filter", line.getFilter() != null ? line.getFilter() : "");
    appendElement(
        xml,
        indent,
        "validationTypeSelect",
        line.getValidationTypeSelect() != null ? line.getValidationTypeSelect() : "");
    appendElement(
        xml, indent, "validationMsg", line.getValidationMsg() != null ? line.getValidationMsg() : "");
    appendElement(xml, indent, "name", line.getName() != null ? line.getName() : "");
    appendElement(xml, indent, "dummy", line.getDummy() != null ? line.getDummy() : "");
    appendElement(
        xml, indent, "subLines", exportActionBuilderLines(line.getSubLines(), count + 1));
    // The closing tag follows </subLines> directly, with no indent in between.
    xml.append("</line>");
  }

  return StringEscapeUtils.unescapeXml(xml.toString());
}

/** Appends {@code indent<tag>content</tag>}; a null content is written as the text "null". */
private static void appendElement(StringBuilder out, String indent, String tag, Object content) {
  out.append(indent)
      .append('<')
      .append(tag)
      .append('>')
      .append(content)
      .append("</")
      .append(tag)
      .append('>');
}
 
Example 13
Source File: WemoLightHandler.java    From smarthome with Eclipse Public License 2.0 4 votes vote down vote up
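/**
 * Polls the bridge for the current state of this WeMo light ({@link #getDeviceState()})
 * and updates the state and brightness channels from the reply.
 *
 * <p>The reply's {@code CapabilityValue} text is split on commas: the first field selects
 * OFF for {@code "0"} and ON otherwise, and the part of the second field before the
 * first colon is read as a brightness value and scaled by 100/255 into a percentage.
 * Nothing happens when no WeMo URL is available or the call returns no response.
 *
 * @throws IllegalStateException if the call fails or its reply cannot be parsed; the
 *         original failure is attached as the cause
 */
public void getDeviceState() {
    logger.debug("Request actual state for LightID '{}'", wemoLightID);
    try {
        String soapHeader = "\"urn:Belkin:service:bridge:1#GetDeviceStatus\"";
        String content = "<?xml version=\"1.0\"?>"
                + "<s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">"
                + "<s:Body>" + "<u:GetDeviceStatus xmlns:u=\"urn:Belkin:service:bridge:1\">" + "<DeviceIDs>"
                + wemoLightID + "</DeviceIDs>" + "</u:GetDeviceStatus>" + "</s:Body>" + "</s:Envelope>";

        String wemoURL = getWemoURL();
        if (wemoURL == null) {
            return;
        }

        String wemoCallResponse = wemoHttpCaller.executeCall(wemoURL, soapHeader, content);
        if (wemoCallResponse == null) {
            return;
        }

        // NOTE(review): the whole reply is unescaped before the value is cut out by substring
        // search, so entity-encoded text anywhere in the reply can become a CapabilityValue
        // tag. The reply comes from a network device; treat the extracted fields as untrusted.
        wemoCallResponse = StringEscapeUtils.unescapeXml(wemoCallResponse);
        String response = StringUtils.substringBetween(wemoCallResponse, "<CapabilityValue>",
                "</CapabilityValue>");
        logger.trace("wemoNewLightState = {}", response);
        if (response == null) {
            // Previously this surfaced as a NullPointerException from split().
            throw new IllegalStateException("Wemo response contains no CapabilityValue element");
        }

        // String.split never yields null elements, so the fields are used directly.
        String[] splitResponse = response.split(",");
        OnOffType binaryState = splitResponse[0].equals("0") ? OnOffType.OFF : OnOffType.ON;
        updateState(CHANNEL_STATE, binaryState);

        // A reply carrying only the on/off field no longer fails on the missing second field.
        if (splitResponse.length > 1) {
            String[] splitBrightness = splitResponse[1].split(":");
            int newBrightnessValue = Integer.parseInt(splitBrightness[0]);
            // Divide in floating point: with integer division the value was truncated before
            // Math.round saw it, so rounding never took effect.
            int newBrightness = Math.round(newBrightnessValue * 100 / 255.0f);
            logger.trace("newBrightness = {}", newBrightness);
            State newBrightnessState = new PercentType(newBrightness);
            updateState(CHANNEL_BRIGHTNESS, newBrightnessState);
            currentBrightness = newBrightness;
        }
    } catch (Exception e) {
        throw new IllegalStateException("Could not retrieve new Wemo light state", e);
    }
}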
 
Example 14
Source File: SonosEntry.java    From smarthome with Eclipse Public License 2.0 4 votes vote down vote up
/**
 * Returns the album-art URI with XML entity references decoded.
 *
 * <p>NOTE(review): the stored value presumably originates from device-supplied metadata;
 * callers that fetch or render it should validate the decoded URI first. Confirm against
 * the code that sets the field.
 *
 * @return the URI for the album art, XML-unescaped
 */
public String getAlbumArtUri() {
    final String decodedUri = StringEscapeUtils.unescapeXml(albumArtUri);
    return decodedUri;
}
 
Example 15
Source File: SonosEntry.java    From openhab1-addons with Eclipse Public License 2.0 4 votes vote down vote up
/**
 * Returns the album-art URI with XML entity references decoded.
 *
 * <p>NOTE(review): the stored value presumably originates from device-supplied metadata;
 * callers that fetch or render it should validate the decoded URI first. Confirm against
 * the code that sets the field.
 *
 * @return the URI for the album art, XML-unescaped
 */
public String getAlbumArtUri() {
    final String decodedUri = StringEscapeUtils.unescapeXml(albumArtUri);
    return decodedUri;
}
 
Example 16
Source File: Const.java    From pentaho-kettle with Apache License 2.0 3 votes vote down vote up
/**
 * Unescapes XML content, i.e. replaces entity references such as {@code &lt;} and
 * {@code &amp;} with the characters they stand for.
 *
 * <p>The result can contain raw markup characters; escape it again before embedding it
 * in XML or HTML output.
 *
 * @param content
 *          the escaped text
 * @return {@code content} itself when {@code Utils.isEmpty( content )} is true,
 *         otherwise the unescaped text
 */
public static String unEscapeXml( String content ) {
  return Utils.isEmpty( content ) ? content : StringEscapeUtils.unescapeXml( content );
}