Package com.google.gwt.user.server

Class Util

java.lang.Object

com.google.gwt.user.server.Util

public class Util
extends java.lang.Object

A bunch of useful methods.

Method Summary

Modifier and Type	Method	Description
static <T extends java.lang.annotation.Annotation> T	getClassAnnotation(java.lang.Class<?> clazz, java.lang.Class<T> annotationClass)	Find an instance of the specified annotation, walking up the inheritance tree if necessary.
static javax.servlet.http.Cookie	getCookie(javax.servlet.http.HttpServletRequest request, java.lang.String cookieName, boolean allowDuplicates)	Retrieves named cookie from supplied request.
static boolean	isMethodXsrfProtected(java.lang.reflect.Method method, java.lang.Class<? extends java.lang.annotation.Annotation> xsrfAnnotation, java.lang.Class<? extends java.lang.annotation.Annotation> noXsrfAnnotation, java.lang.Class<?> xsrfTokenInterface)	Checks if specified method is XSRF protected based on the following logic: Method level annotations override class level annotations.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getClassAnnotation

public static <T extends java.lang.annotation.Annotation> T getClassAnnotation(java.lang.Class<?> clazz,
                                                                               java.lang.Class<T> annotationClass)

Find an instance of the specified annotation, walking up the inheritance tree if necessary. Copied from AnnotationUtil.

The super chain is walked first, so if an ancestor superclass has the requested annotation, it will be preferred over a directly implemented interface.

Type Parameters:

T - Annotation type to search for

Parameters:

clazz - root class to search, may be null

annotationClass - class object of Annotation subclass to search for

Returns:

the requested annotation or null if none

getCookie

public static javax.servlet.http.Cookie getCookie(javax.servlet.http.HttpServletRequest request,
                                                  java.lang.String cookieName,
                                                  boolean allowDuplicates)

Retrieves named cookie from supplied request. If allowDuplicates is set to true, method will throw IllegalStateException if duplicate cookies are found, which can be a sign of a cookie overwrite attack.

Parameters:

request - HTTP request to retrieve cookie from.

cookieName - Cookie name.

allowDuplicates - if true duplicate cookies are allowed, otherwise IllegalStateException is thrown if duplicate cookies are detected.

Returns:

Cookie if specified cookie is present, null otherwise.

Throws:

java.lang.IllegalArgumentException - if duplicate cookies are detected.

isMethodXsrfProtected

public static boolean isMethodXsrfProtected(java.lang.reflect.Method method,
                                            java.lang.Class<? extends java.lang.annotation.Annotation> xsrfAnnotation,
                                            java.lang.Class<? extends java.lang.annotation.Annotation> noXsrfAnnotation,
                                            java.lang.Class<?> xsrfTokenInterface)

Checks if specified method is XSRF protected based on the following logic:

• Method level annotations override class level annotations.
• If method is annotated with xsrfAnnotation this method returns true
• If method is annotated with noXsrfAnnotation, this method returns false.
• If class is annotated with xsrfAnnotation and method is not annotated, this method returns true.
• If class is annotated with noXsrfAnnotation and method is not annotated, this method returns false.
• If no annotations are present and class has a method with return value assignable from xsrfTokenInterface, this method returns true.
• If no annotations are present this method returns false.

See Also:

AbstractXsrfProtectedServiceServlet