Given
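```groovy
class MyPOJO {
    @XssSanitized()
    String name
}
```

```groovy
import java.lang.annotation.Retention
import java.lang.annotation.RetentionPolicy

@Retention(RetentionPolicy.RUNTIME)
@interface XssSanitized {
}
```

```groovy
import groovy.util.logging.Slf4j
import org.aspectj.lang.annotation.Around
import org.aspectj.lang.annotation.Aspect
import org.springframework.stereotype.Component

@Aspect
@Slf4j
@Component
class XssSanitizedAspect {
    @Around("@within(com.es.phoenix.services.security.XssSanitized)")
    void sanitize() {
        // capture the value of the annotated String
        // make an arbitrary change to the string
        // return modified string or otherwise overwrite the property
        log.info("XssSanitizedAspect is working!!!!")
    }
}
```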
Is it possible to modify the property `myPOJOObject.name` inside of `XssSanitizedAspect`?
In reality, I need a way to XSS sanitize String properties. I tried creating a custom Jackson Deserializer. It worked, but I cannot inject a feature toggle (without a workaround that breaks all the contracts with the UI) so that solution failed me.
I've gone through numerous examples online. I have not found an example where the annotated property has its value directly modified in such a way.
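An added example, not part of the original post: Spring AOP only advises method executions, so a field-level annotation cannot be a join point by itself. One approach is a reflective pass over an object's `@XssSanitized` String fields, which an `@Around` advice on the receiving method could call on each element of `ProceedingJoinPoint.getArgs()` before `proceed()`. `XssFieldSanitizer`, its `enabled` toggle and `escapeHtml` are hypothetical names, and the encoding shown covers the HTML body context only.

```groovy
import java.lang.annotation.*
import java.lang.reflect.Modifier

@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.FIELD)
@interface XssSanitized {}

class MyPOJO {
    @XssSanitized String name
    String note                       // not annotated, so never touched
}

// Hypothetical helper, not code from the post.
class XssFieldSanitizer {
    boolean enabled = true            // hypothetical feature toggle

    // Entity-encodes the characters that are significant in an HTML body context.
    static String escapeHtml(String s) {
        String t = s.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;')
        t.replace('"', '&quot;').replace("'", '&#39;')
    }

    // Rewrites, in place, every instance String field annotated with @XssSanitized.
    def sanitize(Object target) {
        if (!enabled || target == null) return target
        for (Class c = target.getClass(); c != null && c != Object; c = c.superclass) {
            c.declaredFields.each { f ->
                if (!f.isAnnotationPresent(XssSanitized) || f.type != String) return
                if (Modifier.isStatic(f.modifiers)) return
                f.setAccessible(true)
                def value = (String) f.get(target)
                if (value != null) f.set(target, escapeHtml(value))
            }
        }
        target
    }
}

// Constructed sample input
def pojo = new MyPOJO(name: '<script>alert(1)</script>', note: '<b>kept</b>')
new XssFieldSanitizer().sanitize(pojo)
assert pojo.name == '&lt;script&gt;alert(1)&lt;/script&gt;'
assert pojo.note == '<b>kept</b>'

// With the toggle off the object passes through unchanged.
def off = new MyPOJO(name: '<i>raw</i>')
new XssFieldSanitizer(enabled: false).sanitize(off)
assert off.name == '<i>raw</i>'
```

Encoding on input changes the stored value, so the same string must not be encoded a second time when it is rendered.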