Created
September 16, 2016 14:44
-
-
Save tejaskanani/f559b444f14e55a878dd206ca2249d53 to your computer and use it in GitHub Desktop.
Liferay security APIs List - LR 7.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
HtmlUtil - to prevent XSS | |
HtmlUtil#escapeXPath - prevent XPath injection | |
AuthTokenUtil#checkCSRFToken - check CSRF tokens | |
FileUtil#createTempFile* - prevent file system related issues | |
PortalUtil#escapeRedirect - prevent open redirects | |
StringUtil#random* - insecure but random enough strings | |
PwdGenerator#getPassword, SecureRandomUtil – cryptographically strong pseudorandom output, optimized for performance | |
PasswordEncryptorUtil - verification and creation of strong password hashes, configured to use PBKDF2 by default | |
DigesterUtil - SHA-1 hashes, nowadays usable at most for file checksums | |
source - https://dev.liferay.com/discover/deployment/-/knowledge_base/7-0/liferay-portal-security-overview#secure-development-recommendations |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment