<#assign theme_images_complete_path = request['theme-display']['path-theme-images']>
<#assign theme_images_path = httpUtil.getPath(theme_images_complete_path)>
<#assign theme_path = theme_images_path?keep_before("/images")>
HtmlUtil - to prevent XSS
HtmlUtil#escapeXPath - prevent XPath injection
AuthTokenUtil#checkCSRFToken - check CSRF tokens
FileUtil#createTempFile* - prevent file system related issues
PortalUtil#escapeRedirect - prevent open redirects
StringUtil#random* - insecure but random enough strings
PwdGenerator#getPassword, SecureRandomUtil - cryptographically strong pseudorandom output, optimized for performance
PasswordEncryptorUtil - verification and creation of strong password hashes, configured to use PBKDF2 by default
DigesterUtil - SHA-1 hashes, nowadays usable at most for file checksums