Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * Licensed to the Apache Software Foundation (ASF) under one or more
   * contributor license agreements.  See the NOTICE file distributed with
   * this work for additional information regarding copyright ownership.
   * The ASF licenses this file to You under the Apache License, Version 2.0
   * (the "License"); you may not use this file except in compliance with
   * the License.  You may obtain a copy of the License at
   * 
   *      http://www.apache.org/licenses/LICENSE-2.0
  * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 
 package org.apache.catalina.util;
 
 import java.util.Map;
General purpose request parsing and encoding utility methods.

Author(s):
Craig R. McClanahan
Tim Tye
Version:
$Revision: 1652 $ $Date: 2011-02-10 10:14:54 +0100 (Thu, 10 Feb 2011) $
 
 
 public final class RequestUtil {


    
The DateFormat to use for generating readable dates in cookies.
 
     private static SimpleDateFormat format =
         new SimpleDateFormat(" EEEE, dd-MMM-yy kk:mm:ss zz");
 
     static {
         .setTimeZone(TimeZone.getTimeZone("GMT"));
     }


    
Filter the specified message string for characters that are sensitive in HTML. This avoids potential attacks caused by including JavaScript codes in the request URL that is often reported in error messages.

Parameters:
message The message string to be filtered
 
     public static String filter(String message) {
 
         if (message == null)
             return (null);
 
         char content[] = new char[message.length()];
         message.getChars(0, message.length(), content, 0);
         StringBuilder result = new StringBuilder(content.length + 50);
         for (int i = 0; i < content.lengthi++) {
             switch (content[i]) {
             case '<':
                 result.append("&lt;");
                 break;
             case '>':
                 result.append("&gt;");
                 break;
             case '&':
                 result.append("&amp;");
                 break;
             case '"':
                 result.append("&quot;");
                 break;
             default:
                 result.append(content[i]);
             }
         }
         return (result.toString());
 
     }


    
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.

Parameters:
path Relative path to be normalized
 
     public static String normalize(String path) {
         return normalize(pathtrue);
     }

    
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.

Parameters:
path Relative path to be normalized
replaceBackSlash Should '\\' be replaced with '/'
    public static String normalize(String pathboolean replaceBackSlash) {
        if (path == null)
            return null;
        // Create a place for the normalized path
        String normalized = path;
        if (replaceBackSlash && normalized.indexOf('\\') >= 0)
            normalized = normalized.replace('\\''/');
        if (normalized.equals("/."))
            return "/";
        // Add a leading "/" if necessary
        if (!normalized.startsWith("/"))
            normalized = "/" + normalized;
        // Resolve occurrences of "//" in the normalized path
        while (true) {
            int index = normalized.indexOf("//");
            if (index < 0)
                break;
            normalized = normalized.substring(0, index) +
                normalized.substring(index + 1);
        }
        // Resolve occurrences of "/./" in the normalized path
        while (true) {
            int index = normalized.indexOf("/./");
            if (index < 0)
                break;
            normalized = normalized.substring(0, index) +
                normalized.substring(index + 2);
        }
        // Resolve occurrences of "/../" in the normalized path
        while (true) {
            int index = normalized.indexOf("/../");
            if (index < 0)
                break;
            if (index == 0)
                return (null);  // Trying to go outside our context
            int index2 = normalized.lastIndexOf('/'index - 1);
            normalized = normalized.substring(0, index2) +
                normalized.substring(index + 3);
        }
        // Return the normalized path that we have completed
        return (normalized);
    }


    
Append request parameters from the specified String to the specified Map. It is presumed that the specified Map is not accessed from any other thread, so no synchronization is performed.

IMPLEMENTATION NOTE: URL decoding is performed individually on the parsed name and value elements, rather than on the entire query string ahead of time, to properly deal with the case where the name or value includes an encoded "=" or "&" character that would otherwise be interpreted as a delimiter.

Parameters:
map Map that accumulates the resulting parameters
data Input string containing request parameters
Throws:
java.lang.IllegalArgumentException if the data is malformed
    public static void parseParameters(Map mapString dataString encoding)
        throws UnsupportedEncodingException {
        if ((data != null) && (data.length() > 0)) {
            // use the specified encoding to extract bytes out of the
            // given string so that the encoding is not lost. If an
            // encoding is not specified, let it use platform default
            byte[] bytes = null;
            try {
                if (encoding == null) {
                    bytes = data.getBytes();
                } else {
                    bytes = data.getBytes(encoding);
                }
            } catch (UnsupportedEncodingException uee) {
            }
            parseParameters(mapbytesencoding);
        }
    }


    
Decode and return the specified URL-encoded String. When the byte array is converted to a string, the system default character encoding is used... This may be different than some other servers. It is assumed the string is not a query string.

Parameters:
str The url-encoded string
Throws:
java.lang.IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number
    public static String URLDecode(String str) {
        return URLDecode(strnull);
    }


    
Decode and return the specified URL-encoded String. It is assumed the string is not a query string.

Parameters:
str The url-encoded string
enc The encoding to use; if null, the default encoding is used
Throws:
java.lang.IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number
    public static String URLDecode(String strString enc) {
        return URLDecode(strencfalse);
    }

    
Decode and return the specified URL-encoded String.

Parameters:
str The url-encoded string
enc The encoding to use; if null, the default encoding is used
isQuery Is this a query string being processed
Throws:
java.lang.IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number
    public static String URLDecode(String strString encboolean isQuery) {
        if (str == null)
            return (null);
        // use the specified encoding to extract bytes out of the
        // given string so that the encoding is not lost. If an
        // encoding is not specified, let it use platform default
        byte[] bytes = null;
        try {
            if (enc == null) {
                bytes = str.getBytes();
            } else {
                bytes = str.getBytes(enc);
            }
        } catch (UnsupportedEncodingException uee) {}
        return URLDecode(bytesencisQuery);
    }


    
Decode and return the specified URL-encoded byte array.

Parameters:
bytes The url-encoded byte array
Throws:
java.lang.IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number
    public static String URLDecode(byte[] bytes) {
        return URLDecode(bytesnull);
    }


    
Decode and return the specified URL-encoded byte array.

Parameters:
bytes The url-encoded byte array
enc The encoding to use; if null, the default encoding is used
Throws:
java.lang.IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number
    public static String URLDecode(byte[] bytesString enc) {
        return URLDecode(bytesencfalse);
    }

    
Decode and return the specified URL-encoded byte array.

Parameters:
bytes The url-encoded byte array
enc The encoding to use; if null, the default encoding is used
isQuery Is this a query string being processed
Throws:
java.lang.IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number
    public static String URLDecode(byte[] bytesString encboolean isQuery) {
        if (bytes == null)
            return (null);
        int len = bytes.length;
        int ix = 0;
        int ox = 0;
        while (ix < len) {
            byte b = bytes[ix++];     // Get byte to test
            if (b == '+' && isQuery) {
                b = (byte)' ';
            } else if (b == '%') {
                if (ix + 2 > len) {
                    throw new IllegalArgumentException("%xx URL decode missing digit");
                }
                b = (byte) ((convertHexDigit(bytes[ix++]) << 4)
                            + convertHexDigit(bytes[ix++]));
            }
            bytes[ox++] = b;
        }
        if (enc != null) {
            try {
                return new String(bytes, 0, oxenc);
            } catch (UnsupportedEncodingException e) {
                return null;
            }
        }
        return new String(bytes, 0, ox);
    }


    
Convert a byte character value to hexidecimal digit value.

Parameters:
b the character value byte
    private static byte convertHexDigitbyte b ) {
        if ((b >= '0') && (b <= '9')) return (byte)(b - '0');
        if ((b >= 'a') && (b <= 'f')) return (byte)(b - 'a' + 10);
        if ((b >= 'A') && (b <= 'F')) return (byte)(b - 'A' + 10);
        return 0;
    }


    
Put name and value pair in map. When name already exist, add value to array of values.

Parameters:
map The map to populate
name The parameter name
value The parameter value
    private static void putMapEntryMap mapString nameString value) {
        String[] newValues = null;
        String[] oldValues = (String[]) map.get(name);
        if (oldValues == null) {
            newValues = new String[1];
            newValues[0] = value;
        } else {
            newValues = new String[oldValues.length + 1];
            System.arraycopy(oldValues, 0, newValues, 0, oldValues.length);
            newValues[oldValues.length] = value;
        }
        map.put(namenewValues);
    }


    
Append request parameters from the specified String to the specified Map. It is presumed that the specified Map is not accessed from any other thread, so no synchronization is performed.

IMPLEMENTATION NOTE: URL decoding is performed individually on the parsed name and value elements, rather than on the entire query string ahead of time, to properly deal with the case where the name or value includes an encoded "=" or "&" character that would otherwise be interpreted as a delimiter. NOTE: byte array data is modified by this method. Caller beware.

Parameters:
map Map that accumulates the resulting parameters
data Input string containing request parameters
encoding Encoding to use for converting hex
Throws:
java.io.UnsupportedEncodingException if the data is malformed
    public static void parseParameters(Map mapbyte[] dataString encoding)
        throws UnsupportedEncodingException {
        if (data != null && data.length > 0) {
            int    ix = 0;
            int    ox = 0;
            String key = null;
            String value = null;
            while (ix < data.length) {
                byte c = data[ix++];
                switch ((charc) {
                case '&':
                    value = new String(data, 0, oxencoding);
                    if (key != null) {
                        putMapEntry(mapkeyvalue);
                        key = null;
                    }
                    ox = 0;
                    break;
                case '=':
                    if (key == null) {
                        key = new String(data, 0, oxencoding);
                        ox = 0;
                    } else {
                        data[ox++] = c;
                    }                   
                    break;  
                case '+':
                    data[ox++] = (byte)' ';
                    break;
                case '%':
                    data[ox++] = (byte)((convertHexDigit(data[ix++]) << 4)
                                    + convertHexDigit(data[ix++]));
                    break;
                default:
                    data[ox++] = c;
                }
            }
            //The last value does not end in '&'.  So save it now.
            if (key != null) {
                value = new String(data, 0, oxencoding);
                putMapEntry(mapkeyvalue);
            }
        }
    }
New to GrepCode? Check out our FAQ X