CppCMS
|
Namespace that holds Anti-Cross Site Scripting Filter support. More...
Classes | |
class | rules |
The class that holds XSS filter rules. More... | |
Enumerations | |
enum | filtering_method_type { remove_invalid, escape_invalid } |
The enumerator that defines filtering invalid HTML method. More... | |
Functions | |
CPPCMS_API bool | validate (char const *begin, char const *end, rules const &r) |
Check the input in range [begin, end) according to the rules r. | |
CPPCMS_API bool | validate_and_filter_if_invalid (char const *begin, char const *end, rules const &r, std::string &filtered, filtering_method_type method=remove_invalid, char replacement_char=0) |
Validate the input in range [begin, end) according to the rules r and if it is not valid filter it and save filtered text into filtered string using a filtering method method. | |
CPPCMS_API std::string | filter (char const *begin, char const *end, rules const &r, filtering_method_type method=remove_invalid, char replacement_char=0) |
Filter the input in range [begin, end) according to the rules r using filtering method method. | |
CPPCMS_API std::string | filter (std::string const &input, rules const &r, filtering_method_type method=remove_invalid, char replacement_char=0) |
Filter the input text input according to the rules r using filtering method method. |
Namespace that holds Anti-Cross Site Scripting Filter support.
The classes in this namespace created to provide a filtering for a save handing of HTML and preventing XSS attacks
CPPCMS_API bool cppcms::xss::validate | ( | char const * | begin, |
char const * | end, | ||
rules const & | r | ||
) |
Check the input in range [begin, end) according to the rules r.
It does not filters the input it only checks its validity, it would be faster then validate_and_filter_if_invalid or filter functions but it does not correct errors.
CPPCMS_API bool cppcms::xss::validate_and_filter_if_invalid | ( | char const * | begin, |
char const * | end, | ||
rules const & | r, | ||
std::string & | filtered, | ||
filtering_method_type | method = remove_invalid , |
||
char | replacement_char = 0 |
||
) |
Validate the input in range [begin, end) according to the rules r and if it is not valid filter it and save filtered text into filtered string using a filtering method method.
If the data was valid, filtered remains unchanged and the function returns true, otherwise it returns false and the filtered data is saved.