Validated Servlet

Identifier:

org.eclipse.help.webapp.validatedServlet

Since:

3.7

Description:

This extension points implements a webapp security validator around a servlet. All calls to the servlet are checked for known malicious threats before returning to the client. Important: All context paths to servlet validator resources must start with /vs. For example: http://host:port/help/vs/service/toc

Configuration Markup:

<!ELEMENT extension (servlet)*>

<!ATTLIST extension

point CDATA #REQUIRED

id CDATA #IMPLIED

name CDATA #IMPLIED>

<!ELEMENT servlet EMPTY>

<!ATTLIST servlet

class CDATA #REQUIRED

alias CDATA #REQUIRED>

class -
alias -

Examples:

None provided.

API Information:

The supplied servlet class must extend the class javax.servlet.http.HttpServlet. The servlet class should function no differently then general servlets.

Supplied Implementation:

A supplied implementation of this point can be found in org.eclipse.help.webapp for any of the services in org.eclipse.help.internal.webapp.services.

Copyright (c) 2011 IBM Corporation and others.
This program and the accompanying materials are made available under the terms of the Eclipse Public License 2.0 which accompanies this distribution, and is available at https://www.eclipse.org/legal/epl-v20.html/ SPDX-License-Identifier: EPL-2.0