StringValidationRule (ESAPI 2.2.0.0 API)

java.lang.Object
- org.owasp.esapi.reference.validation.BaseValidationRule
- - org.owasp.esapi.reference.validation.StringValidationRule

All Implemented Interfaces:

ValidationRule

Direct Known Subclasses:

HTMLValidationRule
```
public class StringValidationRule
extends BaseValidationRule
```
A validator performs syntax and possibly semantic validation of a single piece of data from an untrusted source.

Since:

June 1, 2007

Author:

Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security

See Also:

http://en.wikipedia.org/wiki/Whitelist

Field Summary

Fields
Modifier and Type Field and Description

protected List<Pattern> blacklistPatterns

protected int maxLength

protected int minLength

protected List<Pattern> whitelistPatterns
- Fields inherited from class org.owasp.esapi.reference.validation.BaseValidationRule
  allowNull, encoder

Fields
Modifier and Type	Field and Description
`protected List<Pattern>`	`blacklistPatterns`
`protected int`	`maxLength`
`protected int`	`minLength`
`protected List<Pattern>`	`whitelistPatterns`

Constructor Summary

Constructors
Constructor and Description
`StringValidationRule(String typeName)`
`StringValidationRule(String typeName, Encoder encoder)`
`StringValidationRule(String typeName, Encoder encoder, String whitelistPattern)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`addBlacklistPattern(Pattern p)`
`void`	`addBlacklistPattern(String pattern)`
`void`	`addWhitelistPattern(Pattern p)`
`void`	`addWhitelistPattern(String pattern)`
`String`	`getValid(String context, String input)` Parse the input, throw exceptions if validation fails
`String`	`sanitize(String context, String input)` The method is similar to ValidationRuile.getSafe except that it returns a harmless object that may or may not have any similarity to the original input (in some cases you may not care).
`void`	`setCanonicalize(boolean canonicalize)`
`void`	`setMaximumLength(int length)`
`void`	`setMinimumLength(int length)`

Methods inherited from class org.owasp.esapi.reference.validation.BaseValidationRule
assertValid, charArrayToSet, getEncoder, getSafe, getTypeName, getValid, isAllowNull, isValid, setAllowNull, setEncoder, setTypeName, whitelist, whitelist

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

whitelistPatterns

protected List<Pattern> whitelistPatterns

blacklistPatterns

protected List<Pattern> blacklistPatterns

minLength
```
protected int minLength
```

maxLength
```
protected int maxLength
```

Constructor Detail

StringValidationRule

public StringValidationRule(String typeName)

StringValidationRule

public StringValidationRule(String typeName,
                            Encoder encoder)

StringValidationRule

public StringValidationRule(String typeName,
                            Encoder encoder,
                            String whitelistPattern)

Method Detail
- addWhitelistPattern
```
public void addWhitelistPattern(String pattern)
```
  Throws:
  
  IllegalArgumentException - if pattern is null
- addWhitelistPattern
```
public void addWhitelistPattern(Pattern p)
```
  Throws:
  
  IllegalArgumentException - if p is null
- addBlacklistPattern
```
public void addBlacklistPattern(String pattern)
```
  Throws:
  
  IllegalArgumentException - if pattern is null
- addBlacklistPattern
```
public void addBlacklistPattern(Pattern p)
```
  Throws:
  
  IllegalArgumentException - if p is null
- setMinimumLength
```
public void setMinimumLength(int length)
```
- setMaximumLength
```
public void setMaximumLength(int length)
```
- setCanonicalize
```
public void setCanonicalize(boolean canonicalize)
```
- getValid
```
public String getValid(String context,
                       String input)
                throws ValidationException
```
  Parse the input, throw exceptions if validation fails
  
  Parameters:
  
  context - for logging
  
  input - the value to be parsed
  
  Returns:
  
  a validated value
  
  Throws:
  
  ValidationException - if any validation rules fail
- sanitize
```
public String sanitize(String context,
                       String input)
```
  The method is similar to ValidationRuile.getSafe except that it returns a harmless object that may or may not have any similarity to the original input (in some cases you may not care). In most cases this should be the same as the getSafe method only instead of throwing an exception, return some default value.
  
  Specified by:
  
  sanitize in class BaseValidationRule
  
  Returns:
  
  a parsed version of the input or a default value.

Class StringValidationRule

Field Summary

Fields inherited from class org.owasp.esapi.reference.validation.BaseValidationRule

Constructor Summary

Method Summary

Methods inherited from class org.owasp.esapi.reference.validation.BaseValidationRule

Methods inherited from class java.lang.Object

Field Detail

whitelistPatterns

blacklistPatterns

minLength

maxLength

Constructor Detail

StringValidationRule

StringValidationRule

StringValidationRule

Method Detail

addWhitelistPattern

addWhitelistPattern

addBlacklistPattern

addBlacklistPattern

setMinimumLength

setMaximumLength

setCanonicalize

getValid

sanitize