Mercurial > dive4elements > river
comparison flys-client/src/main/java/de/intevation/flys/client/server/GreetingServiceImpl.java @ 0:4e8be5e7855f
Start of a GWT based client for FLYS-3.0
flys-client/trunk@1305 c6561f87-3c4e-4783-a992-168aeb5c3f6f
| author | Ingo Weinzierl <ingo.weinzierl@intevation.de> |
|---|---|
| date | Tue, 08 Feb 2011 10:29:49 +0000 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:4e8be5e7855f |
|---|---|
| 1 package de.intevation.flys.client.server; | |
| 2 | |
| 3 import de.intevation.flys.client.client.GreetingService; | |
| 4 import de.intevation.flys.client.shared.FieldVerifier; | |
| 5 import com.google.gwt.user.server.rpc.RemoteServiceServlet; | |
| 6 | |
| 7 /** | |
| 8 * The server side implementation of the RPC service. | |
| 9 */ | |
| 10 @SuppressWarnings("serial") | |
| 11 public class GreetingServiceImpl extends RemoteServiceServlet implements | |
| 12 GreetingService { | |
| 13 | |
| 14 public String greetServer(String input) throws IllegalArgumentException { | |
| 15 // Verify that the input is valid. | |
| 16 if (!FieldVerifier.isValidName(input)) { | |
| 17 // If the input is not valid, throw an IllegalArgumentException back to | |
| 18 // the client. | |
| 19 throw new IllegalArgumentException( | |
| 20 "Name must be at least 4 characters long"); | |
| 21 } | |
| 22 | |
| 23 String serverInfo = getServletContext().getServerInfo(); | |
| 24 String userAgent = getThreadLocalRequest().getHeader("User-Agent"); | |
| 25 | |
| 26 // Escape data from the client to avoid cross-site script vulnerabilities. | |
| 27 input = escapeHtml(input); | |
| 28 userAgent = escapeHtml(userAgent); | |
| 29 | |
| 30 return "Hello, " + input + "!<br><br>I am running " + serverInfo | |
| 31 + ".<br><br>It looks like you are using:<br>" + userAgent; | |
| 32 } | |
| 33 | |
| 34 /** | |
| 35 * Escape an html string. Escaping data received from the client helps to | |
| 36 * prevent cross-site script vulnerabilities. | |
| 37 * | |
| 38 * @param html the html string to escape | |
| 39 * @return the escaped string | |
| 40 */ | |
| 41 private String escapeHtml(String html) { | |
| 42 if (html == null) { | |
| 43 return null; | |
| 44 } | |
| 45 return html.replaceAll("&", "&").replaceAll("<", "<").replaceAll( | |
| 46 ">", ">"); | |
| 47 } | |
| 48 } |