|
||||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||
See:
Description
| Class Summary | |
|---|---|
| Base64 | Encodes and decodes to and from Base64 notation. |
| Base64.InputStream | A Base64.InputStream will read data from another
java.io.InputStream, given in the constructor,
and encode/decode to/from Base64 notation on the fly. |
| Base64.OutputStream | A Base64.OutputStream will write data to another
java.io.OutputStream, given in the constructor,
and encode/decode to/from Base64 notation on the fly. |
| Codec | The Codec interface defines a set of methods for encoding and decoding application level encoding schemes, such as HTML entity encoding and percent encoding (aka URL encoding). |
| CSSCodec | Implementation of the Codec interface for backslash encoding used in CSS. |
| HashTrie<T> | Trie implementation for CharSequence keys. |
| Hex | Encode and decode to/from hexadecimal strings to byte arrays. |
| HTMLEntityCodec | Implementation of the Codec interface for HTML entity encoding. |
| JavaScriptCodec | Implementation of the Codec interface for backslash encoding in JavaScript. |
| MySQLCodec | Implementation of the Codec interface for MySQL strings. |
| OracleCodec | Implementation of the Codec interface for Oracle strings. |
| PercentCodec | Implementation of the Codec interface for percent encoding (aka URL encoding). |
| PushbackString | The pushback string is used by Codecs to allow them to push decoded characters back onto a string for further decoding. |
| UnixCodec | Implementation of the Codec interface for '\' encoding from Unix command shell. |
| VBScriptCodec | Implementation of the Codec interface for 'quote' encoding from VBScript. |
| WindowsCodec | Implementation of the Codec interface for '^' encoding from Windows command shell. |
| XMLEntityCodec | Implementation of the Codec interface for XML entity encoding. |
This package contains codecs for application layer encoding/escaping schemes that can be used for both canonicalization and output encoding. By using the codecs to decode (canonicalize) input before validation, many attacks can be detected and handled. By using the codecs to encode untrusted data before sending it to an interpreter, a wide variety of 'injection' attacks can be stopped. However, this package does not currently address issues related to converting between byte-streams and internal character representations, such as overlong UTF-8 issues. Those are left to the platform. The codecs cover protocol encodings such as HTML entity encoding and percent encoding, but also common product escaping schemes, such as Unix, Windows, MySQL, and Oracle.
|
||||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||