Package ortus.boxlang.modules.esapi.bifs

Class Canonicalize

java.lang.Object

ortus.boxlang.runtime.bifs.BIF

ortus.boxlang.modules.esapi.bifs.Canonicalize

@BoxBIF
@BoxMember(type=STRING)
public class Canonicalize
extends ortus.boxlang.runtime.bifs.BIF

Field Summary

Fields inherited from class ortus.boxlang.runtime.bifs.BIF

__functionName, __isMemberExecution, asyncService, cacheService, componentService, declaredArguments, functionService, interceptorService, moduleService, runtime

Constructor Summary

Constructors

Constructor	Description
Canonicalize()	Constructor

Method Summary

Modifier and Type	Method	Description
Object	_invoke(ortus.boxlang.runtime.context.IBoxContext context, ortus.boxlang.runtime.scopes.ArgumentsScope arguments)	Canonicalize or decode the input string.

Methods inherited from class ortus.boxlang.runtime.bifs.BIF

announce, getDeclaredArguments, invoke

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Canonicalize

public Canonicalize()

Constructor

Method Details

_invoke

public Object _invoke(ortus.boxlang.runtime.context.IBoxContext context,
 ortus.boxlang.runtime.scopes.ArgumentsScope arguments)

Canonicalize or decode the input string. Canonicalization is simply the operation of reducing a possibly encoded string down to its simplest form. This is important because attackers frequently use encoding to change their input in a way that will bypass validation filters, but still be interpreted properly by the target of the attack.

Note that data encoded more than once is not something that a normal user would generate and should be regarded as an attack.

Specified by:

_invoke in class ortus.boxlang.runtime.bifs.BIF

Parameters:

context - The context in which the BIF is being invoked.

arguments - Argument scope for the BIF.

Returns:

The canonicalized string.