...
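// U+FE64 and U+FE65 are the "small" compatibility forms of '<' and '>'.
// In this un-normalized form the pattern below would not match them.
String s = "\uFE64" + "script" + "\uFE65";

// Normalize first. NFKC replaces compatibility characters, including
// U+FE64 and U+FE65, with their ordinary equivalents, so the validation
// step inspects the form of the string that will actually be used.
s = Normalizer.normalize(s, Form.NFKC);

// Validate only after normalizing. If the check ran before normalization,
// the alternate forms would pass it and then be converted into '<' and '>'
// (CWE-180, validate before canonicalize).
Pattern pattern = Pattern.compile("[<>]");
Matcher matcher = pattern.matcher(s);
if (matcher.find()) {
  // Found a denylisted character: reject the input.
  // NOTE(review): a two-character denylist only illustrates the ordering
  // rule; it does not replace context-aware output encoding.
  throw new IllegalStateException();
} else {
  // ...
}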
...
| [ISO/IEC TR 24772:2010](http://www.aitcnet.org/isai/) | "Cross-site Scripting [XYT]" |
| CWE-289, "Authentication Bypass by Alternate Name" | |
| CWE-180, "Incorrect Behavior Order: Validate Before Canonicalize" | |
...
| [API 2006] (AA. Bibliography#API 06) |
| [Davis 2008] (AA. Bibliography#Davis 08) |
| [Weber 2009] (AA. Bibliography#Weber 09) |
...