/    Sign up×
Community /Pin to ProfileBookmark

Char and String functionality

Copy linkTweet thisAlerts:
Dec 03.2004

I have a set of characters I want to escape in an http request so that I can make a web site more secure.

I will be iterating through all the fields on the form and I want to compare each character in each request parameter to a string of known problem characters such as “%&<>” etc. I will then want to escape them by adding a “” in front of it so they are taken as literals.

I am writing both the parameter value (form field value) and the string of bad characters to char[]s and I am comparing each element in these arrays to each other in nested for loops.

  • * I want to ultimately have a new string, that I can post back to the request, that will have “” in front of all the invalid characters. *

    • My questions are…

    1) I can’t replace a char[] element with more than 1 character. So I can’t, say, replace a “%” with a “%” directly inside the char[] array. What is the best way to build the new string outside of updating the array?

    Instead of placing a “” in front I may just strip out the invalid characters altogether.
    2) How do I write an empty value, say “”, to a char[] element so I can replace “%” with nothing say?

    3) How do I write out the contents of a char[] to a string in general?

    I am willing to give up using char[] altogether if it will help reach the goal.

    I am sort of new to Java so I don’t know all the functions at my disposal and do not have enough time to go through everything. I know this was a bit long. Thanks for reading it.

    to post a comment
    Java

    4 Comments(s)

    Copy linkTweet thisAlerts:
    @blanoelDec 03.2004 — ---> It seems that most of what you are trying to accomplish can be achieved with regular expression parsing. I don't know the exact details of your app, however the String class has many overloaded constructors, one which takes a char[].

    --->It is always easier to manipulate a java object as compared to primitive types. Strings are highly flexible, however do take a lot of overhead to use. If it some small task, using Strings is what I would recommend. You can easily covert back and forth between String and char[].

    --->As for char replacement, that could be achieved with regular expression parsing or simple String methods.


    Hope this helps!
    Copy linkTweet thisAlerts:
    @xmike1authorDec 03.2004 — Thanks for the response. Unfortunately I am using Java 1.3.1 and regex was introduced in 1.4. I initially started out looking to use regular expressions but was thwarted by this version issue.
    Copy linkTweet thisAlerts:
    @blanoelDec 03.2004 — Your welcome.

    That's too bad. Regex package is quite powerful. String objects are still quite useful due to the ease of conversion between char[] and String.

    Good luck.
    Copy linkTweet thisAlerts:
    @ray326Dec 03.2004 — Parse/copy the content of the char[] into a StringBuffer then toString() that if String is a required ouput type. Using a StringBuffer instead of the char[] might get you something else, too.
    ×

    Success!

    Help @xmike1 spread the word by sharing this article on Twitter...

    Tweet This
    Sign in
    Forgot password?
    Sign in with TwitchSign in with GithubCreate Account
    about: ({
    version: 0.1.9 BETA 5.16,
    whats_new: community page,
    up_next: more Davinci•003 tasks,
    coming_soon: events calendar,
    social: @webDeveloperHQ
    });

    legal: ({
    terms: of use,
    privacy: policy
    });
    changelog: (
    version: 0.1.9,
    notes: added community page

    version: 0.1.8,
    notes: added Davinci•003

    version: 0.1.7,
    notes: upvote answers to bounties

    version: 0.1.6,
    notes: article editor refresh
    )...
    recent_tips: (
    tipper: @AriseFacilitySolutions09,
    tipped: article
    amount: 1000 SATS,

    tipper: @Yussuf4331,
    tipped: article
    amount: 1000 SATS,

    tipper: @darkwebsites540,
    tipped: article
    amount: 10 SATS,
    )...