How to Protect Text Input from Cross-Site-Scripting (XSS) Attacks Through Normalization using Java

One way to stop a Cross-Site Scripting (XSS) attack is by normalizing the string in question. Our XSS API will take care of that for you, returning a normalized result along with a notification that the string did contain (true) or did not contain (false) an XSS attack. A successful JSON response model looks as follows:

{
"Successful": true,
"ContainedXss": true,
"OriginalInput": "string",
"NormalizedResult": "string"
}

To help you include this API in your Java project, we’ve provided ready-to-run code samples from our API Console page to help you make your connection. Below installation instructions are for Maven; visit the Cloudmersive API Console to find instructions for installation with Gradle.

First, add a reference to the repository in pom.xml:

<repositories>
<repository>
<id>jitpack.io</id>
<url>https://jitpack.io</url>
</repository>
</repositories>

Once done, add this reference to the dependency in pom.xml:

<dependencies>
<dependency>
<groupId>com.github.Cloudmersive</groupId>
<artifactId>Cloudmersive.APIClient.Java</artifactId>
<version>v4.25</version>
</dependency>
</dependencies>

Finally, add the imports and call the validation function:

// Import classes:
//import com.cloudmersive.client.invoker.ApiClient;
//import com.cloudmersive.client.invoker.ApiException;
//import com.cloudmersive.client.invoker.Configuration;
//import com.cloudmersive.client.invoker.auth.*;
//import com.cloudmersive.client.ContentThreatDetectionApi;
ApiClient defaultClient = Configuration.getDefaultApiClient();// Configure API key authorization: Apikey
ApiKeyAuth Apikey = (ApiKeyAuth) defaultClient.getAuthentication("Apikey");
Apikey.setApiKey("YOUR API KEY");
// Uncomment the following line to set a prefix for the API key, e.g. "Token" (defaults to null)
//Apikey.setApiKeyPrefix("Token");
ContentThreatDetectionApi apiInstance = new ContentThreatDetectionApi();
String value = "value_example"; // String | User-facing text input.
try {
StringXssProtectionResult result = apiInstance.contentThreatDetectionProtectXss(value);
System.out.println(result);
} catch (ApiException e) {
System.err.println("Exception when calling ContentThreatDetectionApi#contentThreatDetectionProtectXss");
e.printStackTrace();
}

Poof — just like magic. Your input will be normalized and analyzed for XSS attacks.

--

--

There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Cloudmersive

There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.