public class EmbededScriptSecurity extends java.lang.Object implements ScriptSecurity
ScriptSecurity
interface only
allows scripts embeded in the document, i.e., scripts whith either
the same URL as the document (as for event attributes) or scripts
embeded with the data protocol.Modifier and Type | Field and Description |
---|---|
static java.lang.String |
DATA_PROTOCOL |
static java.lang.String |
ERROR_CANNOT_ACCESS_DOCUMENT_URL
Message when trying to load a script file and the Document
does not have a URL
|
static java.lang.String |
ERROR_SCRIPT_NOT_EMBEDED
Message when trying to load a script that is not embeded
in the document.
|
protected java.lang.SecurityException |
se
The exception is built in the constructor and thrown if
not null and the checkLoadScript method is called.
|
Constructor and Description |
---|
EmbededScriptSecurity(java.lang.String scriptType,
ParsedURL scriptURL,
ParsedURL docURL) |
Modifier and Type | Method and Description |
---|---|
void |
checkLoadScript()
Controls whether the script should be loaded or not.
|
public static final java.lang.String DATA_PROTOCOL
public static final java.lang.String ERROR_CANNOT_ACCESS_DOCUMENT_URL
public static final java.lang.String ERROR_SCRIPT_NOT_EMBEDED
protected java.lang.SecurityException se
public EmbededScriptSecurity(java.lang.String scriptType, ParsedURL scriptURL, ParsedURL docURL)
scriptType
- type of script, as found in the
type attribute of the <script> element.scriptURL
- url for the script, as defined in
the script's xlink:href attribute. If that
attribute was empty, then this parameter should
be nulldocURL
- url for the document into which the
script was found.public void checkLoadScript()
checkLoadScript
in interface ScriptSecurity
java.lang.SecurityException
- if the script should not be loaded.Copyright © 2022 Apache Software Foundation. All Rights Reserved.