Class WhitelistMemberAccessPolicy

java.lang.Object
freemarker.ext.beans.MemberSelectorListMemberAccessPolicy
freemarker.ext.beans.WhitelistMemberAccessPolicy
All Implemented Interfaces:
MemberAccessPolicy

public class WhitelistMemberAccessPolicy extends MemberSelectorListMemberAccessPolicy
Whitelist-based member access policy; that is, only members that are matched by the listing will be exposed. Note that BeansWrapper and its subclasses don't discover all members in the first place, and the MemberAccessPolicy only removes from that set of members, never adds to it.

The whitelist content is usually application-specific, and can take significant work to put together, but it's the only way you can achieve any practical safety when you don't fully trust the users who can edit templates.

See more about the rules at MemberSelectorListMemberAccessPolicy. The TemplateAccessible annotation may be used to add members to the whitelist.

Of course, this can only deal with the ObjectWrapper aspect of safety; please check the Manual to see what else is needed. Also, since this is related to security, read the documentation of MemberAccessPolicy to learn about the pitfalls and edge cases related to MemberAccessPolicy implementations in general.
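A usage sketch of the whitelist described above, added here as an illustration and not taken from the FreeMarker documentation or code base. The class name WhitelistDemo, the render helper, the template strings and the file path are constructed for the example; it whitelists a single getter on java.io.File and then evaluates one template that uses the listed member and one that calls a member that is not listed.

```java
import freemarker.ext.beans.MemberSelectorListMemberAccessPolicy.MemberSelector;
import freemarker.ext.beans.WhitelistMemberAccessPolicy;
import freemarker.template.Configuration;
import freemarker.template.DefaultObjectWrapperBuilder;
import freemarker.template.Template;
import freemarker.template.TemplateException;
import freemarker.template.TemplateExceptionHandler;
import java.io.File;
import java.io.StringReader;
import java.io.StringWriter;
import java.util.Collections;
import java.util.List;
import java.util.Map;

public class WhitelistDemo {  // hypothetical class name

    // Renders a template and reports whether evaluation succeeded.
    static String render(Configuration cfg, String src, Map<String, Object> model)
            throws Exception {
        StringWriter out = new StringWriter();
        try {
            new Template("demo", new StringReader(src), cfg).process(model, out);
            return "rendered: " + out;
        } catch (TemplateException e) {
            return "rejected: " + e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) throws Exception {
        // Only this member is listed; every other File member stays hidden.
        List<MemberSelector> selectors = MemberSelector.parse(
                Collections.singletonList("java.io.File.getName()"),
                false,  // fail on unknown classes/members so typos are noticed
                WhitelistDemo.class.getClassLoader());

        DefaultObjectWrapperBuilder owb =
                new DefaultObjectWrapperBuilder(Configuration.VERSION_2_3_30);
        owb.setMemberAccessPolicy(new WhitelistMemberAccessPolicy(selectors));

        Configuration cfg = new Configuration(Configuration.VERSION_2_3_30);
        cfg.setObjectWrapper(owb.build());
        cfg.setTemplateExceptionHandler(TemplateExceptionHandler.RETHROW_HANDLER);
        cfg.setLogTemplateExceptions(false);

        // Constructed sample object; getName() performs no file I/O.
        Map<String, Object> model =
                Collections.singletonMap("f", new File("/tmp/report.txt"));

        System.out.println(render(cfg, "${f.name}", model));      // whitelisted getter
        System.out.println(render(cfg, "${f.delete()?c}", model)); // not whitelisted
    }
}
```

Passing false for ignoreMissingClassOrMember makes parse fail when a selector names a class or member that does not exist, which keeps a stale whitelist from silently exposing less than intended.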

Since:
2.3.30
  • Constructor Details

  • Method Details

    • isToStringAlwaysExposed

      public boolean isToStringAlwaysExposed()
      Description copied from interface: MemberAccessPolicy
      If this returns true, we won't invoke the probably more expensive lookup to figure out if Object.toString() (including its overridden variants) is exposed for a given object. If this returns false, then no such optimization is made. This method was introduced as Object.toString() is called frequently, as it's used whenever an object is converted to string, like printed to the output, and it's not even a reflection-based call (we just call Object.toString() in Java). So we try to avoid the overhead of a more generic method call.