Examples of com.google.gwt.safehtml.shared.SafeUri

• com.google.gwt.safehtml.shared.SafeUri
  An object that implements this interface encapsulates a URI that is guaranteed to be safe to use (with respect to potential Cross-Site-Scripting vulnerabilities) in a URL context, for example in a URL-typed attribute in an HTML document.

  Note on usage: SafeUri should be used to ensure user input is not executed in the browser. SafeUri should not be used to sanitize input before sending it to the server: The server cannot rely on the type contract of SafeUri values received from clients, because a malicious client could provide maliciously crafted serialized forms of implementations of this type that violate the type contract.

  All implementing classes must maintain the class invariant (by design and implementation and/or convention of use), that invoking {@link #asString()}on any instance will return a string that is safe to assign to a URL-typed DOM or CSS property in a browser (or to use similarly in a "URL context"), in the sense that doing so must not cause unintended execution of script in the browser.

  In determining safety of a URL both the value itself as well as its provenance matter. An arbitrary URI, including e.g. a javascript: URI, can be deemed safe in the sense of this type's contract if it is entirely under the program's control (e.g., a string literal, {@see UriUtils#fromSafeConstant}).

  All implementations must implement equals() and hashCode() to behave consistently with the result of asString().equals() and asString.hashCode().

  Implementations must not return {@code null} from {@link #asString()}.

    public static MyImages images = MyResources.INSTANCE.images();
    public BusyPanel()
    {
        setStyleName("busy-PopupPanel");
       setGlassEnabled(true);
       SafeUri imageUri = images.busyIconImageData().getSafeUri();
       final Image busyImage = new Image(imageUri);
       grid = new Grid(1,2);
       grid.setWidget(0,0,busyImage);
       this.container.add(grid);
       add(this.container);

        MyImages images = MyResources.INSTANCE.images();
        String name = ClientUtils.getUsernameFromCookie();
        String authProviderName = ClientUtils.getAuthProviderNameFromCookie();
        int authProvider = ClientUtils.getAuthProviderFromCookieAsInt();

        SafeUri safeUri = null;
        if (name != null)
        {
            String labelStr = "Welcome " + "<font color=\"#006600\">"+ authProviderName + "</font>" + " user " + "<font color=\"#006600\">" + name + "</font>";
            updateWelcomeLabel(labelStr);
            String tooltip = "You logged in using ";

            return 0;
          }

          @Override
          public SafeUri getSafeUri() {
            return new SafeUri() {

              @Override
              public String asString() {
                // TODO Auto-generated method stub
                return object.getThumbnailPic();

  public String getModuleName() {
    return "com.google.gwt.safecss.SafeCss";
  }

  public void testForBackgroundImage() {
    SafeUri uri = UriUtils.fromSafeConstant("http://localhost");
    assertEquals("background-image:url(\"http://localhost\");", SafeStylesUtils.forBackgroundImage(
        uri).asString());
  }

        return left;
    }

    @Override
    public SafeUri getSafeUri() {
        return new SafeUri() {

            @Override
            public String asString() {
                return uri;
            }

      return 0;
    }

    @Override
    public SafeUri getSafeUri() {
      return new SafeUri() {

        @Override
        public String asString() {
          return dataUrl;
        }