Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Modifiers | Name | Description |
---|---|---|
static interface | SecureASTCustomizer.ExpressionChecker | This interface allows the user to plug in custom expression checkers if the expression blacklist or whitelist is not sufficient |
static interface | SecureASTCustomizer.StatementChecker | This interface allows the user to plug in custom statement checkers if the statement blacklist or whitelist is not sufficient |

Constructor and description |
---|
SecureASTCustomizer() |

Methods inherited from class | Name |
---|---|
class CompilationCustomizer | getPhase |

An alternative way of setting constant types.
constantTypesBlackList - a list of classes.

An alternative way of setting constant types.
constantTypesWhiteList - a list of classes.

Set this option to true if you want your import rules to be checked against every class node. This means that if someone uses a fully qualified class name, then it will also be checked against the import rules, preventing, for example, instantiation of classes without imports thanks to FQCN.
indirectImportCheckEnabled - set to true to enable indirect checks

Sets the list of classes which deny method calls. Please note that since Groovy is a dynamic language, and this class performs a static type check, it will be relatively simple to bypass any blacklist unless the receivers blacklist contains, at a minimum, Object, Script, GroovyShell, and Eval. Additionally, it is necessary to also blacklist MethodPointerExpression in the expressions blacklist for the receivers blacklist to function as a security check.
receiversBlackList - the list of refused classes, as fully qualified names

An alternative way of setting receiver classes.
receiversBlacklist - a list of classes.

An alternative way of setting receiver classes.
receiversWhitelist - a list of classes.

Sets the list of classes which may accept method calls.
receiversWhiteList - the list of accepted classes, as fully qualified names

Sets the list of tokens which are blacklisted.
tokensBlacklist - the tokens. The values of the tokens must be those of Types

Copyright © 2003-2015 The Apache Software Foundation. All rights reserved.
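
The receivers blacklist minimum and the indirect import check described above, combined in one configuration and exercised at compile time. This is an added example, not code from the Groovy project: the sample scripts are constructed, the `rejected` helper is hypothetical, and the property names assume the Groovy 2.x setters this page documents.

```groovy
import org.codehaus.groovy.ast.expr.MethodPointerExpression
import org.codehaus.groovy.control.CompilerConfiguration
import org.codehaus.groovy.control.MultipleCompilationErrorsException
import org.codehaus.groovy.control.customizers.SecureASTCustomizer
import org.codehaus.groovy.control.messages.ExceptionMessage

def secure = new SecureASTCustomizer()
// Apply the import rules to fully qualified class names as well.
secure.indirectImportCheckEnabled = true
secure.importsBlacklist = ['java.io.File']
// Minimum receivers blacklist named in the documentation above.
secure.receiversBlackList = ['java.lang.Object', 'groovy.lang.Script',
                             'groovy.lang.GroovyShell', 'groovy.util.Eval']
// Needed for the receivers blacklist to function as a security check.
secure.expressionsBlacklist = [MethodPointerExpression]

def config = new CompilerConfiguration()
config.addCompilationCustomizers(secure)

// Hypothetical helper: true when the customizer refuses the script.
// parse() only compiles the source; the script is never run.
boolean rejected(CompilerConfiguration cfg, String source) {
    try {
        new GroovyShell(cfg).parse(source)
        return false
    } catch (SecurityException ignored) {
        return true
    } catch (MultipleCompilationErrorsException e) {
        // The compiler may wrap the SecurityException in its error collector.
        return e.errorCollector.errors.any {
            it instanceof ExceptionMessage && it.cause instanceof SecurityException
        }
    }
}

// Constructed sample scripts mapped to the expected verdict.
def samples = [
    '1 + 2'                          : false, // no receiver, no import involved
    'new java.io.File("a.txt")'      : true,  // FQCN caught by indirect import check
    'def p = "abc".&toUpperCase'     : true,  // MethodPointerExpression is blacklisted
    'new GroovyShell().evaluate("1")': true,  // GroovyShell is a refused receiver
]
samples.each { src, expected ->
    assert rejected(config, src) == expected : "unexpected verdict for: $src"
}
```

With `java.lang.Object` in the receivers blacklist, calls on untyped (`def`) receivers are refused as well, so scripts compiled under this configuration need statically known receiver types.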