public class StringValidationRule extends BaseValidationRule
http://en.wikipedia.org/wiki/Whitelist
Modifier and Type | Field and Description |
---|---|
protected List<Pattern> |
blacklistPatterns |
protected int |
maxLength |
protected int |
minLength |
protected List<Pattern> |
whitelistPatterns |
allowNull, encoder
Constructor and Description |
---|
StringValidationRule(String typeName) |
StringValidationRule(String typeName,
Encoder encoder) |
StringValidationRule(String typeName,
Encoder encoder,
String whitelistPattern) |
Modifier and Type | Method and Description |
---|---|
void |
addBlacklistPattern(Pattern p) |
void |
addBlacklistPattern(String pattern) |
void |
addWhitelistPattern(Pattern p) |
void |
addWhitelistPattern(String pattern) |
String |
getValid(String context,
String input)
Parse the input, throw exceptions if validation fails
|
String |
sanitize(String context,
String input)
The method is similar to ValidationRuile.getSafe except that it returns a
harmless object that may or may not have any similarity to the original
input (in some cases you may not care).
|
void |
setCanonicalize(boolean canonicalize) |
void |
setMaximumLength(int length) |
void |
setMinimumLength(int length) |
assertValid, charArrayToSet, getEncoder, getSafe, getTypeName, getValid, isAllowNull, isValid, setAllowNull, setEncoder, setTypeName, whitelist, whitelist
public StringValidationRule(String typeName)
public void addWhitelistPattern(String pattern)
IllegalArgumentException
- if pattern is nullpublic void addWhitelistPattern(Pattern p)
IllegalArgumentException
- if p is nullpublic void addBlacklistPattern(String pattern)
IllegalArgumentException
- if pattern is nullpublic void addBlacklistPattern(Pattern p)
IllegalArgumentException
- if p is nullpublic void setMinimumLength(int length)
public void setMaximumLength(int length)
public void setCanonicalize(boolean canonicalize)
public String getValid(String context, String input) throws ValidationException
context
- for logginginput
- the value to be parsedValidationException
- if any validation rules fail, except if the
ESAPI.properties
> property
"Validator.ValidationRule.getValid.ignore509Fix" is set to
true
, which is the default behavior for ESAPI 2.x
releases. See ESAPI GitHub Issues
521
for futher details.ValidationRule.getValid(String context, String input, ValidationErrorList errorList)
public String sanitize(String context, String input)
sanitize
in class BaseValidationRule
Copyright © 2022 The Open Web Application Security Project (OWASP). All rights reserved.