A repository containing code security remediation solutions used by WhiteSource Cure

whitesource/CureKit

CureKit - WhiteSource Cure Encoding Package

CureKit is a security library mostly used by the WhiteSource Cure self-fixing product.

WhiteSource Cure is an innovative solution that automatically generates remediation suggestions for vulnerabilities identified by detection tools in proprietary code. The remediation suggestions are presented on the vulnerable code itself and can be used as-is in your IDE.

CureKit contains encoders and other utilities that are critical to the Self-Healing process suggested by WhiteSource Cure. Its sanitization methods address security vulnerabilities in your code, such as Cross-Site Scripting, Path Traversal, OS Command Injection and more. These methods rely on OWASP's encoders and best-practice fix recommendations.

Start using the CureKit Sanitizers

You can download a JAR from Maven Central.

The JAR is also available as a Maven dependency:

    <dependency>
        <groupId>io.whitesource</groupId>
        <artifactId>curekit</artifactId>
        <version>1.1.0</version>
    </dependency>

Quick Overview

The CureKit Java library is intended for quick contextual encoding with very little overhead, either in performance or usage. To get started, simply add the encoder-1.0.3.jar, import io.whitesource.cure.Encoder and start using it.

Example usage:

    // userData is untrusted input; encode it for the HTML context before writing it out
    PrintWriter out = ....;
    out.println("<textarea>" + Encoder.forHtmlXss(userData) + "</textarea>");
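What HTML-context encoding changes in the `<textarea>` snippet above, shown as an added, JDK-only example that is not CureKit's code: `encodeForHtml`, `render` and the class name are hypothetical stand-ins for illustration, and the sample input is constructed.

```java
import java.io.PrintWriter;
import java.io.StringWriter;

public class TextareaEncodingDemo {

    // Hypothetical stand-in for an HTML-context encoder (NOT CureKit's implementation):
    // replaces the five characters that can change HTML parsing state.
    static String encodeForHtml(String input) {
        if (input == null) return "";
        StringBuilder sb = new StringBuilder(input.length() + 16);
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            switch (c) {
                case '&':  sb.append("&amp;"); break;
                case '<':  sb.append("&lt;");  break;
                case '>':  sb.append("&gt;");  break;
                case '"':  sb.append("&#34;"); break;
                case '\'': sb.append("&#39;"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Renders the <textarea> template into a string so the result can be inspected.
    static String render(String userData, boolean encode) {
        StringWriter buffer = new StringWriter();
        PrintWriter out = new PrintWriter(buffer);
        String value = encode ? encodeForHtml(userData) : userData;
        out.print("<textarea>" + value + "</textarea>");
        out.flush();
        return buffer.toString();
    }

    public static void main(String[] args) {
        // Constructed sample input: closes the textarea early and appends markup.
        String userData = "</textarea><script>alert(1)</script>";

        System.out.println("unencoded: " + render(userData, false));
        String safe = render(userData, true);
        System.out.println("encoded:   " + safe);

        // After encoding, the only closing tag left is the template's own.
        int closers = safe.split("</textarea>", -1).length - 1;
        System.out.println("closing </textarea> tags in encoded output: " + closers);
    }
}
```

The encoder here covers only the HTML element-content context; values placed in attributes, JavaScript blocks or URLs need the encoder for that context.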