Package org.owasp.esapi.codecs

This package contains codecs for application layer encoding/escaping schemes that can be used for both canonicalization and output encoding.

See: Description

Interface Summary

Interface	Description
Codec<T>	The Codec interface defines a set of methods for encoding and decoding application level encoding schemes, such as HTML entity encoding and percent encoding (aka URL encoding).
PushbackSequence<T>
Trie<T>

Class Summary

Class	Description
AbstractCharacterCodec	This abstract Impl is broken off from the original Codec class and provides the Character parsing logic that has been with ESAPI from the beginning.
AbstractCodec<T>	The Coded interface defines a set of methods for encoding and decoding application level encoding schemes, such as HTML entity encoding and percent encoding (aka URL encoding).
AbstractIntegerCodec	This class is intended to be an alternative Abstract Implementation for parsing encoding data by focusing on int as opposed to Character.
AbstractPushbackSequence<T>	This Abstract class provides the generic logic for using a PushbackSequence in regards to iterating strings.
Base64	Encodes and decodes to and from Base64 notation.
Base64.InputStream	A Base64.InputStream will read data from another java.io.InputStream, given in the constructor, and encode/decode to/from Base64 notation on the fly.
Base64.OutputStream	A Base64.OutputStream will write data to another java.io.OutputStream, given in the constructor, and encode/decode to/from Base64 notation on the fly.
CSSCodec	Implementation of the Codec interface for backslash encoding used in CSS.
DB2Codec	Implementation of the Codec interface for DB2 strings.
HashTrie<T>	Trie implementation for CharSequence keys.
Hex	Encode and decode to/from hexadecimal strings to byte arrays.
HTMLEntityCodec	Implementation of the Codec interface for HTML entity encoding.
JavaScriptCodec	Implementation of the Codec interface for backslash encoding in JavaScript.
LegacyHTMLEntityCodec	Deprecated
MySQLCodec	Codec implementation which can be used to escape string literals in MySQL.
OracleCodec	Implementation of the Codec interface for Oracle strings.
PercentCodec	Implementation of the Codec interface for percent encoding (aka URL encoding).
PushBackSequenceImpl	The pushback string is used by Codecs to allow them to push decoded characters back onto a string for further decoding.
PushbackString	The pushback string is used by Codecs to allow them to push decoded characters back onto a string for further decoding.
Trie.TrieProxy<T>
Trie.Unmodifiable<T>
Trie.Util
UnixCodec	Implementation of the Codec interface for '\' encoding from Unix command shell (bash lineage, not csh lineage).
VBScriptCodec	Implementation of the Codec interface for 'quote' encoding from VBScript.
WindowsCodec	Implementation of the Codec interface for '^' encoding from Windows command shell.
XMLEntityCodec	Implementation of the Codec interface for XML entity encoding.

Enum Summary

Enum	Description
MySQLCodec.Mode	Specifies the SQL Mode the target MySQL Server is running with.

Package org.owasp.esapi.codecs Description

This package contains codecs for application layer encoding/escaping schemes that can be used for both canonicalization and output encoding. By using the codecs to decode (canonicalize) input before validation, many attacks can be detected and handled. By using the codecs to encode untrusted data before sending it to an interpreter, a wide variety of 'injection' attacks can be stopped. However, this package does not currently address issues related to converting between byte-streams and internal character representations, such as overlong UTF-8 issues. Those are left to the platform. The codecs cover protocol encodings such as HTML entity encoding and percent encoding, but also common product escaping schemes, such as Unix, Windows, MySQL, and Oracle.