Class ScriptFreeTLV

java.lang.Object
javax.servlet.jsp.tagext.TagLibraryValidator
javax.servlet.jsp.jstl.tlv.ScriptFreeTLV

public class ScriptFreeTLV extends TagLibraryValidator

A TagLibraryValidator for enforcing restrictions against the use of JSP scripting elements.

This TLV supports four initialization parameters, for controlling which of the four types of scripting elements are allowed or prohibited:

  • allowDeclarations: if true, indicates that declaration elements are not prohibited.
  • allowScriptlets: if true, indicates that scriptlets are not prohibited
  • allowExpressions: if true, indicates that top-level expression elements (i.e., expressions not associated with request-time attribute values) are not prohibited.
  • allowRTExpressions: if true, indicates that expression elements associated with request-time attribute values are not prohibited.

The default value for all for initialization parameters is false, indicating all forms of scripting elements are to be prohibited.

  • Constructor Details

    • ScriptFreeTLV

      public ScriptFreeTLV()
      Constructs a new validator instance. Initializes the parser factory to create non-validating, namespace-aware SAX parsers.
  • Method Details

    • setInitParameters

      public void setInitParameters(Map<String,Object> initParms)
      Sets the values of the initialization parameters, as supplied in the TLD.
      Overrides:
      setInitParameters in class TagLibraryValidator
      Parameters:
      initParms - a mapping from the names of the initialization parameters to their values, as specified in the TLD.
    • validate

      public ValidationMessage[] validate(String prefix, String uri, PageData page)
      Validates a single JSP page.
      Overrides:
      validate in class TagLibraryValidator
      Parameters:
      prefix - the namespace prefix specified by the page for the custom tag library being validated.
      uri - the URI specified by the page for the TLD of the custom tag library being validated.
      page - a wrapper around the XML representation of the page being validated.
      Returns:
      null, if the page is valid; otherwise, a ValidationMessage[] containing one or more messages indicating why the page is not valid.