Modify Sling request parameters

Question

I am building a web app based on Adobe CQ 5.6.1. I have a need to use SlingHttpServletRequest.getRequestParameters(..), I also want that when i call this method i should get modified request parameters which are XSS cleaned

Now to ensure that this method returns the XSS clean data, I thought of writing a filter class which does not work as I tried to override the getRequestParameter, getRequestParameters methods. However I am unable to do as the return type is RequestParameter (or array of them). In case of HttpServletRequest, the return is String so I could return the modified String.

How can I modify Sling request parameters?
I was thinking that Sling request parameters are based on httpservletrequest.getParameter. Is this correct?

Please suggest.

suggestions wud be appreciated – ramesh Mar 30 '14 at 18:04 — ramesh, Mar 30 '14 at 18:04

score 0 · Answer 1 · answered Mar 31 '14 at 08:12

the way Requests and Responses works in Sling is exactly the same of the old plain JEE. If you want to override some Request parameter within a filter like in your example, you'll have to modify them and then pass along the chain of filters (if needed) a wrapped request.

See

http://sling.apache.org/apidocs/sling5/org/apache/sling/api/wrappers/SlingHttpServletRequestWrapper.html

In your specific case I would suggest you to have a look at the XSS API from Granite within the CQ API. Sorry no link as it's currently giving a 503.

HTH Davide

Here's the Java doc for [XSSAPI](https://dev.day.com/docs/en/cq/current/javadoc/com/adobe/granite/xss/XSSAPI.html). — David Gorsline, Mar 31 '14 at 13:28

Modify Sling request parameters

1 Answers1