|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.sap.ip.me.api.runtime.jsp.StringUtils
StringUtils is a collection of String utilities in the web environment. Many of the methods of this class serve to get correct and cross-site scripting safe encoding for usage in HTML mark-up, JavaScript String, and URLs.
For performance reasons all encoding and decoding methods can be called with an own StringBuffer object to process on. Other function calls without StringBuffer lead to creation of own temporary StringBuffer. The advantage here is, that may a component, which already has implemented an own StringBufferPool, can use this pool to pass it to the en/decoding methods.
The methods of this class should be used in different use cases depending on the context. Here are the different context cases:CASE1 (Output BETWEEN tags) <head> <title>[CASE1]</title> </head> <table> <tr> <td>Username</td> <td>[CASE1]</td> </tr> </table> CASE2 (Output INSIDE tags, but output is not a URL) <form name="CASE2"> <input type="text" name="user" value="[CASE2]"> <input type="text" name="user" value='[CASE2]'> </form> <a name="[CASE2]">Click here</a> CASE3 (Output is a URL) <a href="CASE3" style="[CASE3]"><img src="[CASE3]" lowsrc="[CASE3]"></a> CASE4 (Output inside a SCRIPT context, but output is not a string declaration) <script> var a = [CASE4]; [CASE4]; </script> CASE5 (Output is a string declaration in a script) <script> var a = '[CASE5]'; alert("[CASE5]"); </script>
Constructor Summary | |
StringUtils()
|
Method Summary | |
static java.lang.String |
escapeScriptEndTag(java.lang.String pStr)
Prepare a string to be used for a javascript string definition with particular care about script tag. |
static java.lang.String |
escapeScriptEndTag(java.lang.StringBuffer sb,
java.lang.String pStr)
Prepare a string to be used for a javascript string definition with particular care about script tag. |
static java.lang.String |
escapeSpace(java.lang.String input)
Encode a space with + Note that this function will call 'disableScriptSignatures'. |
static java.lang.String |
escapeToAttributeValue(java.lang.String input)
Encode a string for output as an attribute string of a tag, no URLs! |
static java.lang.String |
escapeToAttributeValue(java.lang.StringBuffer sb,
java.lang.String input,
int maxLength)
Encode a string for output as an attribute string of a tag, no URLs! |
static java.lang.String |
escapeToAttributeValue(java.lang.String input,
int maxLength)
Encode a string for output as an attribute string of a tag, no URLs! |
static java.lang.String |
escapeToHTML(java.lang.String input)
Encode a string for output between tags (CASE1) |
static java.lang.String |
escapeToHTML(java.lang.StringBuffer sb,
java.lang.String input,
int maxLength)
Encode a string for output between tags (CASE1) |
static java.lang.String |
escapeToHTML(java.lang.String input,
int maxLength)
Encode a string for output between tags (CASE1) |
static java.lang.String |
escapeToJS(java.lang.String input)
Encode a string inside a JS string declaration (CASE5) |
static java.lang.String |
escapeToJS(java.lang.StringBuffer sb,
java.lang.String input,
int maxLength)
Encode a string inside a JS string declaration (CASE5) |
static java.lang.String |
escapeToJS(java.lang.String input,
int maxLength)
Encode a string inside a JS string declaration (CASE5) |
static java.lang.String |
escapeToURL(java.lang.String input)
Encode a string that represents a URL (CASE3) Note that this function will call 'disableScriptSignatures'. |
static java.lang.String |
escapeToURL(java.lang.StringBuffer sb,
java.lang.String input,
int maxLength)
Encode a string that represents a URL (CASE3) Note that this function will call 'disableScriptSignatures'. |
static java.lang.String |
escapeToURL(java.lang.String input,
int maxLength)
Encode a string that represents a URL (CASE3) Note that this function will call 'disableScriptSignatures'. |
static java.lang.String |
urlDecode(java.lang.String s)
A trivial replacement of URLDecoder.decode |
static java.lang.String |
urlDecode(java.lang.StringBuffer sb,
java.lang.String s)
A trivial replacement of URLDecoder.decode |
static java.lang.String |
urlEncode(java.lang.String s)
A trivial replacement of URLEncoder.encode |
static java.lang.String |
urlEncode(java.lang.StringBuffer sb,
java.lang.String s,
char[] forceEncode)
This is an extended version of the URLEncoder.encode method. |
static java.lang.String |
urlEncode(java.lang.String s,
char[] forceEncode)
This is an extended version of the URLEncoder.encode method. |
static java.lang.String |
urlNormalize(java.lang.String ps)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public StringUtils()
Method Detail |
public static java.lang.String escapeToJS(java.lang.String input)
input
- The string to parse.public static java.lang.String escapeToJS(java.lang.String input, int maxLength)
input
- The string to parse.maxLength
- The maximum length the String input SHOULD havepublic static java.lang.String escapeToJS(java.lang.StringBuffer sb, java.lang.String input, int maxLength)
sb
- The StringBuffer to process the inputinput
- The string to parse.maxLength
- The maximum length the String input SHOULD havepublic static java.lang.String escapeToHTML(java.lang.String input)
input
- The string to parse.public static java.lang.String escapeToHTML(java.lang.String input, int maxLength)
input
- The string to parse.maxLength
- The maximum length the String input SHOULD havepublic static java.lang.String escapeToHTML(java.lang.StringBuffer sb, java.lang.String input, int maxLength)
sb
- The StringBuffer to process the inputinput
- The string to parse.maxLength
- The maximum length the String input SHOULD havepublic static java.lang.String escapeToAttributeValue(java.lang.String input)
input
- The string to parse.public static java.lang.String escapeToAttributeValue(java.lang.String input, int maxLength)
input
- The string to parse.maxLength
- The maximum length the String input SHOULD havepublic static java.lang.String escapeToAttributeValue(java.lang.StringBuffer sb, java.lang.String input, int maxLength)
sb
- The StringBuffer to process the inputinput
- The string to parse.maxLength
- The maximum length the String input SHOULD havepublic static java.lang.String escapeToURL(java.lang.String input)
input
- The string to parse.public static java.lang.String escapeToURL(java.lang.String input, int maxLength)
input
- The string to parse.maxLength
- The maximum length the String input SHOULD havepublic static java.lang.String escapeToURL(java.lang.StringBuffer sb, java.lang.String input, int maxLength)
sb
- The StringBuffer to process the inputinput
- The string to parse.maxLength
- The maximum length the String input SHOULD havepublic static java.lang.String escapeScriptEndTag(java.lang.String pStr)
public static java.lang.String escapeScriptEndTag(java.lang.StringBuffer sb, java.lang.String pStr)
sb
- The StringBuffer to process the inputpStr
- The string to parse.public static java.lang.String escapeSpace(java.lang.String input)
input
- The string to parse.public static java.lang.String urlEncode(java.lang.StringBuffer sb, java.lang.String s, char[] forceEncode)
sb
- The StringBuffer to process the inputs
- The String to be encodedforceEncode
- An array of chars that are to be encoded
explicitely. Note: forceEncode should NOT contain digits nor
the percent sign!!public static java.lang.String urlEncode(java.lang.String s, char[] forceEncode)
s
- The String to be encodedforceEncode
- An array of chars that are to be encoded
explicitely. Note: forceEncode should NOT contain digits nor
the percent sign!!public static java.lang.String urlEncode(java.lang.String s)
s
- The String to be encodedpublic static java.lang.String urlDecode(java.lang.StringBuffer sb, java.lang.String s)
sb
- The StringBuffer to process the inputs
- The String to be encodedpublic static java.lang.String urlDecode(java.lang.String s)
s
- The String to be encodedpublic static java.lang.String urlNormalize(java.lang.String ps)
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |