本文整理了Java中com.thoughtworks.xstream.security.WildcardTypePermission.<init>()方法的一些代码示例,展示了WildcardTypePermission.<init>()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。WildcardTypePermission.<init>()方法的具体详情如下:
包路径:com.thoughtworks.xstream.security.WildcardTypePermission
类名称:WildcardTypePermission
方法名:<init>
暂无
代码示例来源:origin: com.thoughtworks.xstream/xstream
/**
* Add security permission forbidding types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to forbid names
* @since 1.4.7
*/
public void denyTypesByWildcard(String[] patterns) {
denyPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: com.thoughtworks.xstream/xstream
/**
* Add security permission for types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to allow type names
* @since 1.4.7
*/
public void allowTypesByWildcard(String[] patterns) {
addPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: org.apache.servicemix.bundles/org.apache.servicemix.bundles.xstream
/**
* Add security permission forbidding types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to forbid names
* @since 1.4.7
*/
public void denyTypesByWildcard(String[] patterns) {
denyPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: org.apache.servicemix.bundles/org.apache.servicemix.bundles.xstream
/**
* Add security permission for types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to allow type names
* @since 1.4.7
*/
public void allowTypesByWildcard(String[] patterns) {
addPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: x-stream/xstream
/**
* Add security permission for types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like
* 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and
* subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to allow type names
* @since 1.4.7
*/
public void allowTypesByWildcard(final String... patterns) {
addPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: org.apache.servicemix.bundles/org.apache.servicemix.bundles.xstream-java8
/**
* Add security permission for types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to allow type names
* @since 1.4.7
*/
public void allowTypesByWildcard(String[] patterns) {
addPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: org.apache.servicemix.bundles/org.apache.servicemix.bundles.xstream-java8
/**
* Add security permission forbidding types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to forbid names
* @since 1.4.7
*/
public void denyTypesByWildcard(String[] patterns) {
denyPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: apache/servicemix-bundles
/**
* Add security permission for types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to allow type names
* @since 1.4.7
*/
public void allowTypesByWildcard(String[] patterns) {
addPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: apache/servicemix-bundles
/**
* Add security permission forbidding types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to forbid names
* @since 1.4.7
*/
public void denyTypesByWildcard(String[] patterns) {
denyPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: x-stream/xstream
/**
* Add security permission forbidding types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like
* 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and
* subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to forbid names
* @since 1.4.7
*/
public void denyTypesByWildcard(final String... patterns) {
denyPermission(new WildcardTypePermission(patterns));
}
}代码示例来源:origin: org.kie.soup/kie-soup-commons
/**
* Vulnerable to CVE-210137285 variants. Do not use. Will be removed in the next few days!
* @deprecated in favor of {@link #createTrustingXStream()} and {@link #createNonTrustingXStream()}
*/
@Deprecated
private static XStream internalCreateXStream( XStream xstream ) {
setupDefaultSecurity(xstream);
xstream.addPermission( new WildcardTypePermission( new String[] {
"java.**", "javax.**", "org.kie.**", "org.drools.**", "org.jbpm.**", "org.optaplanner.**", "org.appformer.**"
} ) );
return xstream;
}代码示例来源:origin: org.apache.camel/camel-xstream
} else if (pterm.length() > 0) {
typePermission = new WildcardTypePermission(new String[]{pterm});代码示例来源:origin: org.kie.soup/kie-soup-commons
/**
* Use for XML or JSON that might not come from a trusted source (such as REST services payloads, ...).
* Automatically whitelists all classes with an {@link XStreamAlias} annotation.
* Often requires whitelisting additional domain specific classes, which you'll need to expose in your API's.
*/
private static XStream internalCreateNonTrustingXStream( XStream xstream ) {
setupDefaultSecurity(xstream);
// TODO remove if setupDefaultSecurity already does this.
// See comment in https://github.com/x-stream/xstream/pull/99
xstream.addPermission( new AnyAnnotationTypePermission());
xstream.addPermission( new WildcardTypePermission( WHITELISTED_PACKAGES ) );
// Do not add root permissions for "java", "org.kie" or the like here because that creates a security problem.
// For more information, see http://x-stream.github.io/security.html and various xstream dev list conversations.
// Instead, embrace a whitelist approach and expose that in your API's.
return xstream;
}代码示例来源:origin: kiegroup/droolsjbpm-integration
@Override
protected void buildMarshaller(Set<Class<?>> classes, ClassLoader classLoader) {
xstream = XStreamUtils.createNonTrustingXStream(new PureJavaReflectionProvider(), new DomDriver("UTF-8", new XmlFriendlyNameCoder("_-", "_")));
xstream.addPermission(new WildcardTypePermission(new String[]{"org.kie.server.api.**"}));
String[] voidDeny = {"void.class", "Void.class"};
xstream.denyTypes(voidDeny);
}
};代码示例来源:origin: ccavanaugh/jgnash
xstream.addPermission(PrimitiveTypePermission.PRIMITIVES);
xstream.addPermission(ArrayTypePermission.ARRAYS);
xstream.addPermission(new WildcardTypePermission(new String[] {"java.**", "jgnash.engine.**"}));代码示例来源:origin: ccavanaugh/jgnash
xstream.addPermission(PrimitiveTypePermission.PRIMITIVES);
xstream.addPermission(ArrayTypePermission.ARRAYS);
xstream.addPermission(new WildcardTypePermission(new String[] {"java.**", "jgnash.engine.**"}));内容来源于网络,如有侵权,请联系作者删除!