java.lang.Object
io.sf.carte.echosvg.bridge.DefaultScriptSecurity
- All Implemented Interfaces:
ScriptSecurity
Default implementation for the
ScriptSecurity interface. It
allows all types of scripts to be loaded, but only if they come from the same
server as the document they are included into.-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final StringMessage when trying to load a script file and the Document does not have a URLstatic final StringMessage when trying to load a script file from a server different than the one of the document.protected SecurityExceptionThe exception is built in the constructor and thrown if not null and the checkLoadScript method is called. -
Constructor Summary
ConstructorsConstructorDescriptionDefaultScriptSecurity(String scriptType, ParsedURL scriptURL, ParsedURL docURL) -
Method Summary
Modifier and TypeMethodDescriptionvoidControls whether the script should be loaded or not.
-
Field Details
-
DATA_PROTOCOL
- See Also:
-
ERROR_CANNOT_ACCESS_DOCUMENT_URL
Message when trying to load a script file and the Document does not have a URL- See Also:
-
ERROR_SCRIPT_FROM_DIFFERENT_URL
Message when trying to load a script file from a server different than the one of the document.- See Also:
-
se
The exception is built in the constructor and thrown if not null and the checkLoadScript method is called.
-
-
Constructor Details
-
DefaultScriptSecurity
- Parameters:
scriptType- type of script, as found in the type attribute of the <script> element.scriptURL- url for the script, as defined in the script's xlink:href attribute. If that attribute was empty, then this parameter should be nulldocURL- url for the document into which the script was found.
-
-
Method Details
-
checkLoadScript
public void checkLoadScript()Controls whether the script should be loaded or not.- Specified by:
checkLoadScriptin interfaceScriptSecurity- Throws:
SecurityException- if the script should not be loaded.
-