org.apache.catalina.util

Class RequestUtil

public final class RequestUtil extends Object

General purpose request parsing and encoding utility methods.

Version: $Revision: 739532 $ $Date: 2009-01-31 10:52:13 +0100 (Sat, 31 Jan 2009) $

Author: Craig R. McClanahan Tim Tye

Method Summary
static Stringfilter(String message)
Filter the specified message string for characters that are sensitive in HTML.
static Stringnormalize(String path)
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it.
static Stringnormalize(String path, boolean replaceBackSlash)
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it.
static voidparseParameters(Map map, String data, String encoding)
Append request parameters from the specified String to the specified Map.
static voidparseParameters(Map map, byte[] data, String encoding)
Append request parameters from the specified String to the specified Map.
static StringURLDecode(String str)
Decode and return the specified URL-encoded String.
static StringURLDecode(String str, String enc)
Decode and return the specified URL-encoded String.
static StringURLDecode(String str, String enc, boolean isQuery)
Decode and return the specified URL-encoded String.
static StringURLDecode(byte[] bytes)
Decode and return the specified URL-encoded byte array.
static StringURLDecode(byte[] bytes, String enc)
Decode and return the specified URL-encoded byte array.
static StringURLDecode(byte[] bytes, String enc, boolean isQuery)
Decode and return the specified URL-encoded byte array.

Method Detail

filter

public static String filter(String message)
Filter the specified message string for characters that are sensitive in HTML. This avoids potential attacks caused by including JavaScript codes in the request URL that is often reported in error messages.

Parameters: message The message string to be filtered

normalize

public static String normalize(String path)
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.

Parameters: path Relative path to be normalized

normalize

public static String normalize(String path, boolean replaceBackSlash)
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it. WARNING - This method is useful only for normalizing application-generated paths. It does not try to perform security checks for malicious input.

Parameters: path Relative path to be normalized replaceBackSlash Should '\\' be replaced with '/'

parseParameters

public static void parseParameters(Map map, String data, String encoding)
Append request parameters from the specified String to the specified Map. It is presumed that the specified Map is not accessed from any other thread, so no synchronization is performed.

IMPLEMENTATION NOTE: URL decoding is performed individually on the parsed name and value elements, rather than on the entire query string ahead of time, to properly deal with the case where the name or value includes an encoded "=" or "&" character that would otherwise be interpreted as a delimiter.

Parameters: map Map that accumulates the resulting parameters data Input string containing request parameters

Throws: IllegalArgumentException if the data is malformed

parseParameters

public static void parseParameters(Map map, byte[] data, String encoding)
Append request parameters from the specified String to the specified Map. It is presumed that the specified Map is not accessed from any other thread, so no synchronization is performed.

IMPLEMENTATION NOTE: URL decoding is performed individually on the parsed name and value elements, rather than on the entire query string ahead of time, to properly deal with the case where the name or value includes an encoded "=" or "&" character that would otherwise be interpreted as a delimiter. NOTE: byte array data is modified by this method. Caller beware.

Parameters: map Map that accumulates the resulting parameters data Input string containing request parameters encoding Encoding to use for converting hex

Throws: UnsupportedEncodingException if the data is malformed

URLDecode

public static String URLDecode(String str)
Decode and return the specified URL-encoded String. When the byte array is converted to a string, the system default character encoding is used... This may be different than some other servers. It is assumed the string is not a query string.

Parameters: str The url-encoded string

Throws: IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number

URLDecode

public static String URLDecode(String str, String enc)
Decode and return the specified URL-encoded String. It is assumed the string is not a query string.

Parameters: str The url-encoded string enc The encoding to use; if null, the default encoding is used

Throws: IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number

URLDecode

public static String URLDecode(String str, String enc, boolean isQuery)
Decode and return the specified URL-encoded String.

Parameters: str The url-encoded string enc The encoding to use; if null, the default encoding is used isQuery Is this a query string being processed

Throws: IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number

URLDecode

public static String URLDecode(byte[] bytes)
Decode and return the specified URL-encoded byte array. It is assumed the string is not a query string.

Parameters: bytes The url-encoded byte array

Throws: IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number

URLDecode

public static String URLDecode(byte[] bytes, String enc)
Decode and return the specified URL-encoded byte array. It is assumed the string is not a query string.

Parameters: bytes The url-encoded byte array enc The encoding to use; if null, the default encoding is used

Throws: IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number

URLDecode

public static String URLDecode(byte[] bytes, String enc, boolean isQuery)
Decode and return the specified URL-encoded byte array.

Parameters: bytes The url-encoded byte array enc The encoding to use; if null, the default encoding is used isQuery Is this a query string being processed

Throws: IllegalArgumentException if a '%' character is not followed by a valid 2-digit hexadecimal number

Copyright © 2000-2011 Apache Software Foundation. All Rights Reserved.