com.sap.ip.me.api.runtime.jsp
Class StringUtils

java.lang.Object
  extended bycom.sap.ip.me.api.runtime.jsp.StringUtils

public class StringUtils
extends java.lang.Object

StringUtils is a collection of String utilities in the web environment. Many of the methods of this class serve to get correct and cross-site scripting safe encoding for usage in HTML mark-up, JavaScript String, and URLs.

For performance reasons all encoding and decoding methods can be called with an own StringBuffer object to process on. Other function calls without StringBuffer lead to creation of own temporary StringBuffer. The advantage here is, that may a component, which already has implemented an own StringBufferPool, can use this pool to pass it to the en/decoding methods.

The methods of this class should be used in different use cases depending on the context. Here are the different context cases:
 CASE1 (Output BETWEEN tags)
 <head>
 <title>[CASE1]</title>
 </head>
 
 <table>
 	<tr>
 		<td>Username</td>
 		<td>[CASE1]</td>
 	</tr>
 </table>
 
 
 CASE2 (Output INSIDE tags, but output is not a URL)
 
 <form name="CASE2">
 	<input type="text" name="user" value="[CASE2]">
 	<input type="text" name="user" value='[CASE2]'>
 </form>
 
 <a name="[CASE2]">Click here</a>
 
 
 CASE3 (Output is a URL)
 
 <a href="CASE3" style="[CASE3]"><img src="[CASE3]" lowsrc="[CASE3]"></a>
 
 
 CASE4 (Output inside a SCRIPT context, but output is not a string declaration)
 
 <script>
 var a = [CASE4];
 [CASE4];
 </script>
 
 
 CASE5 (Output is a string declaration in a script)
 
 <script>
 var a = '[CASE5]';
 alert("[CASE5]");
 </script>
 

Version:
6.40
Author:
SAP AG

Constructor Summary
StringUtils()
           
 
Method Summary
static java.lang.String escapeScriptEndTag(java.lang.String pStr)
          Prepare a string to be used for a javascript string definition with particular care about script tag.
static java.lang.String escapeScriptEndTag(java.lang.StringBuffer sb, java.lang.String pStr)
          Prepare a string to be used for a javascript string definition with particular care about script tag.
static java.lang.String escapeSpace(java.lang.String input)
          Encode a space with + Note that this function will call 'disableScriptSignatures'.
static java.lang.String escapeToAttributeValue(java.lang.String input)
          Encode a string for output as an attribute string of a tag, no URLs!
static java.lang.String escapeToAttributeValue(java.lang.StringBuffer sb, java.lang.String input, int maxLength)
          Encode a string for output as an attribute string of a tag, no URLs!
static java.lang.String escapeToAttributeValue(java.lang.String input, int maxLength)
          Encode a string for output as an attribute string of a tag, no URLs!
static java.lang.String escapeToHTML(java.lang.String input)
          Encode a string for output between tags (CASE1)
static java.lang.String escapeToHTML(java.lang.StringBuffer sb, java.lang.String input, int maxLength)
          Encode a string for output between tags (CASE1)
static java.lang.String escapeToHTML(java.lang.String input, int maxLength)
          Encode a string for output between tags (CASE1)
static java.lang.String escapeToJS(java.lang.String input)
          Encode a string inside a JS string declaration (CASE5)
static java.lang.String escapeToJS(java.lang.StringBuffer sb, java.lang.String input, int maxLength)
          Encode a string inside a JS string declaration (CASE5)
static java.lang.String escapeToJS(java.lang.String input, int maxLength)
          Encode a string inside a JS string declaration (CASE5)
static java.lang.String escapeToURL(java.lang.String input)
          Encode a string that represents a URL (CASE3) Note that this function will call 'disableScriptSignatures'.
static java.lang.String escapeToURL(java.lang.StringBuffer sb, java.lang.String input, int maxLength)
          Encode a string that represents a URL (CASE3) Note that this function will call 'disableScriptSignatures'.
static java.lang.String escapeToURL(java.lang.String input, int maxLength)
          Encode a string that represents a URL (CASE3) Note that this function will call 'disableScriptSignatures'.
static java.lang.String urlDecode(java.lang.String s)
          A trivial replacement of URLDecoder.decode
static java.lang.String urlDecode(java.lang.StringBuffer sb, java.lang.String s)
          A trivial replacement of URLDecoder.decode
static java.lang.String urlEncode(java.lang.String s)
          A trivial replacement of URLEncoder.encode
static java.lang.String urlEncode(java.lang.StringBuffer sb, java.lang.String s, char[] forceEncode)
          This is an extended version of the URLEncoder.encode method.
static java.lang.String urlEncode(java.lang.String s, char[] forceEncode)
          This is an extended version of the URLEncoder.encode method.
static java.lang.String urlNormalize(java.lang.String ps)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

StringUtils

public StringUtils()
Method Detail

escapeToJS

public static java.lang.String escapeToJS(java.lang.String input)
Encode a string inside a JS string declaration (CASE5)

Parameters:
input - The string to parse.

escapeToJS

public static java.lang.String escapeToJS(java.lang.String input,
                                          int maxLength)
Encode a string inside a JS string declaration (CASE5)

Parameters:
input - The string to parse.
maxLength - The maximum length the String input SHOULD have

escapeToJS

public static java.lang.String escapeToJS(java.lang.StringBuffer sb,
                                          java.lang.String input,
                                          int maxLength)
Encode a string inside a JS string declaration (CASE5)

Parameters:
sb - The StringBuffer to process the input
input - The string to parse.
maxLength - The maximum length the String input SHOULD have

escapeToHTML

public static java.lang.String escapeToHTML(java.lang.String input)
Encode a string for output between tags (CASE1)

Parameters:
input - The string to parse.

escapeToHTML

public static java.lang.String escapeToHTML(java.lang.String input,
                                            int maxLength)
Encode a string for output between tags (CASE1)

Parameters:
input - The string to parse.
maxLength - The maximum length the String input SHOULD have

escapeToHTML

public static java.lang.String escapeToHTML(java.lang.StringBuffer sb,
                                            java.lang.String input,
                                            int maxLength)
Encode a string for output between tags (CASE1)

Parameters:
sb - The StringBuffer to process the input
input - The string to parse.
maxLength - The maximum length the String input SHOULD have

escapeToAttributeValue

public static java.lang.String escapeToAttributeValue(java.lang.String input)
Encode a string for output as an attribute string of a tag, no URLs! (CASE2)

Parameters:
input - The string to parse.

escapeToAttributeValue

public static java.lang.String escapeToAttributeValue(java.lang.String input,
                                                      int maxLength)
Encode a string for output as an attribute string of a tag, no URLs! (CASE2)

Parameters:
input - The string to parse.
maxLength - The maximum length the String input SHOULD have

escapeToAttributeValue

public static java.lang.String escapeToAttributeValue(java.lang.StringBuffer sb,
                                                      java.lang.String input,
                                                      int maxLength)
Encode a string for output as an attribute string of a tag, no URLs! (CASE2)

Parameters:
sb - The StringBuffer to process the input
input - The string to parse.
maxLength - The maximum length the String input SHOULD have

escapeToURL

public static java.lang.String escapeToURL(java.lang.String input)
Encode a string that represents a URL (CASE3) Note that this function will call 'disableScriptSignatures'. Please read the note on that function as well.

Parameters:
input - The string to parse.

escapeToURL

public static java.lang.String escapeToURL(java.lang.String input,
                                           int maxLength)
Encode a string that represents a URL (CASE3) Note that this function will call 'disableScriptSignatures'. Please read the note on that function as well.

Parameters:
input - The string to parse.
maxLength - The maximum length the String input SHOULD have

escapeToURL

public static java.lang.String escapeToURL(java.lang.StringBuffer sb,
                                           java.lang.String input,
                                           int maxLength)
Encode a string that represents a URL (CASE3) Note that this function will call 'disableScriptSignatures'. Please read the note on that function as well.

Parameters:
sb - The StringBuffer to process the input
input - The string to parse.
maxLength - The maximum length the String input SHOULD have

escapeScriptEndTag

public static java.lang.String escapeScriptEndTag(java.lang.String pStr)
Prepare a string to be used for a javascript string definition with particular care about script tag. In particular this fixes html parsing problems with </script>.


escapeScriptEndTag

public static java.lang.String escapeScriptEndTag(java.lang.StringBuffer sb,
                                                  java.lang.String pStr)
Prepare a string to be used for a javascript string definition with particular care about script tag. In particular this fixes html parsing problems with </script>.

Parameters:
sb - The StringBuffer to process the input
pStr - The string to parse.

escapeSpace

public static java.lang.String escapeSpace(java.lang.String input)
Encode a space with + Note that this function will call 'disableScriptSignatures'. Please read the note on that function as well.

Parameters:
input - The string to parse.

urlEncode

public static java.lang.String urlEncode(java.lang.StringBuffer sb,
                                         java.lang.String s,
                                         char[] forceEncode)
This is an extended version of the URLEncoder.encode method. It allows to specify more characters to be encoded.

Parameters:
sb - The StringBuffer to process the input
s - The String to be encoded
forceEncode - An array of chars that are to be encoded explicitely. Note: forceEncode should NOT contain digits nor the percent sign!!

urlEncode

public static java.lang.String urlEncode(java.lang.String s,
                                         char[] forceEncode)
This is an extended version of the URLEncoder.encode method. It allows to specify more characters to be encoded.

Parameters:
s - The String to be encoded
forceEncode - An array of chars that are to be encoded explicitely. Note: forceEncode should NOT contain digits nor the percent sign!!

urlEncode

public static java.lang.String urlEncode(java.lang.String s)
A trivial replacement of URLEncoder.encode

Parameters:
s - The String to be encoded

urlDecode

public static java.lang.String urlDecode(java.lang.StringBuffer sb,
                                         java.lang.String s)
A trivial replacement of URLDecoder.decode

Parameters:
sb - The StringBuffer to process the input
s - The String to be encoded

urlDecode

public static java.lang.String urlDecode(java.lang.String s)
A trivial replacement of URLDecoder.decode

Parameters:
s - The String to be encoded

urlNormalize

public static java.lang.String urlNormalize(java.lang.String ps)


Copyright © 2005 SAP AG. All Rights Reserved.