Skip to content

Instantly share code, notes, and snippets.

@circlee

circlee/XssStringDeserializer

Created July 4, 2017 09:32
Show Gist options
  • Save circlee/3a973c842476a5d198cccf1a31790db3 to your computer and use it in GitHub Desktop.
Save circlee/3a973c842476a5d198cccf1a31790db3 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
XssStringDeserializer
import java.io.IOException;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer;
public class XssStringDeserializer extends JsonDeserializer<String> {
@Override
public String deserialize(JsonParser p, DeserializationContext ctxt)
throws IOException, JsonProcessingException {
// origin value
String origin = p.getValueAsString();
// do something (ex: xss filtering)
String replaced = origin + " <- deserialized";
return replaced;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment