Open in app

Sign in

Write

Sign in

Check HTML Text for SSRF Threats in Java

Cloudmersive
2 min readMay 7, 2021

Wondering how you can protect you and your business from SSRF attacks? If so, you’ve come to the right place. In this brief tutorial, we will demonstrate how to use an API in Java to detect SSRF attacks and unsafe URL attacks from HTML text input; this will prevent malicious attempts to access vulnerable local or network paths in the server environment via HTML injection.

To begin, we will install the Maven SDK by adding a reference to the repository in pom.xml:

<repositories>
    <repository>
        <id>jitpack.io</id>
        <url>https://jitpack.io</url>
    </repository>
</repositories>

Next, we will add a reference to the dependency:

<dependencies>
<dependency>
    <groupId>com.github.Cloudmersive</groupId>
    <artifactId>Cloudmersive.APIClient.Java</artifactId>
    <version>v3.90</version>
</dependency>
</dependencies>

Now that the installation is complete, we’re ready to add the imports to the top of the controller and call the validation function:

// Import classes:
//import com.cloudmersive.client.invoker.ApiClient;
//import com.cloudmersive.client.invoker.ApiException;
//import com.cloudmersive.client.invoker.Configuration;
//import com.cloudmersive.client.invoker.auth.*;
//import com.cloudmersive.client.TextInputApi;ApiClient defaultClient = Configuration.getDefaultApiClient();// Configure API key authorization: Apikey
ApiKeyAuth Apikey = (ApiKeyAuth) defaultClient.getAuthentication("Apikey");
Apikey.setApiKey("YOUR API KEY");
// Uncomment the following line to set a prefix for the API key, e.g. "Token" (defaults to null)
//Apikey.setApiKeyPrefix("Token");TextInputApi apiInstance = new TextInputApi();
String value = "value_example"; // String | User-facing HTML input.
try {
    HtmlSsrfDetectionResult result = apiInstance.textInputCheckHtmlSsrf(value);
    System.out.println(result);
} catch (ApiException e) {
    System.err.println("Exception when calling TextInputApi#textInputCheckHtmlSsrf");
    e.printStackTrace();
}

This will promptly return a result indicating if your user-facing input is free from SSRF threats

API
Java
HTML
Ssrf
Tutorial

--

--

Cloudmersive

Written by Cloudmersive

582 Followers

There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams