public class UrlQuerySanitizer extends Object
UrlQuerySanitizer sanitizer = new UrlQuerySanitizer();
sanitizer.setAllowUnregisteredParamaters(true);
sanitizer.parseUrl("http://example.com/?name=Joe+User");
String name = sanitizer.getValue("name"));
// name now contains "Joe_User"
Register ValueSanitizers to customize the way individual
parameters are sanitized:
UrlQuerySanitizer sanitizer = new UrlQuerySanitizer();
sanitizer.registerParamater("name", UrlQuerySanitizer.createSpaceLegal());
sanitizer.parseUrl("http://example.com/?name=Joe+User");
String name = sanitizer.getValue("name"));
// name now contains "Joe User". (The string is first decoded, which
// converts the '+' to a ' '. Then the string is sanitized, which
// converts the ' ' to an '_'. (The ' ' is converted because the default
unregistered parameter sanitizer does not allow any special characters,
and ' ' is a special character.)
There are several ways to create ValueSanitizers. In order of increasing
sophistication:
Modifier and Type | Class and Description |
---|---|
static class |
UrlQuerySanitizer.IllegalCharacterValueSanitizer
Sanitize values based on which characters they contain.
|
class |
UrlQuerySanitizer.ParameterValuePair
A simple tuple that holds parameter-value pairs.
|
static interface |
UrlQuerySanitizer.ValueSanitizer
A functor used to sanitize a single query value.
|
Constructor and Description |
---|
UrlQuerySanitizer()
Constructs a UrlQuerySanitizer.
|
UrlQuerySanitizer(String url)
Constructs a UrlQuerySanitizer and parse a URL.
|
Modifier and Type | Method and Description |
---|---|
protected void |
addSanitizedEntry(String parameter,
String value)
Record a sanitized parameter-value pair.
|
protected void |
clear()
Clear the existing entries.
|
protected int |
decodeHexDigit(char c)
Convert a character that represents a hexidecimal digit into an integer.
|
static UrlQuerySanitizer.ValueSanitizer |
getAllButNulAndAngleBracketsLegal()
Return a value sanitizer that allows any special characters
except angle brackets ('<' and '>') and Nul ('\0').
|
static UrlQuerySanitizer.ValueSanitizer |
getAllButNulLegal()
Return a value sanitizer that allows everything except Nul ('\0')
characters.
|
static UrlQuerySanitizer.ValueSanitizer |
getAllButWhitespaceLegal()
Return a value sanitizer that allows everything except Nul ('\0')
characters, space (' '), and other whitespace characters.
|
static UrlQuerySanitizer.ValueSanitizer |
getAllIllegal()
Return a value sanitizer that does not allow any special characters,
and also does not allow script URLs.
|
boolean |
getAllowUnregisteredParamaters()
Get whether or not unregistered parameters are allowed.
|
static UrlQuerySanitizer.ValueSanitizer |
getAmpAndSpaceLegal()
Return a value sanitizer that does not allow any special characters
except ampersand ('&') and space (' ').
|
static UrlQuerySanitizer.ValueSanitizer |
getAmpLegal()
Return a value sanitizer that does not allow any special characters
except ampersand ('&').
|
UrlQuerySanitizer.ValueSanitizer |
getEffectiveValueSanitizer(String parameter)
Get the effective value sanitizer for a parameter.
|
List<UrlQuerySanitizer.ParameterValuePair> |
getParameterList()
An array list of all of the parameter value pairs in the sanitized
query, in the order they appeared in the query.
|
Set<String> |
getParameterSet()
Get a set of all of the parameters found in the sanitized query.
|
boolean |
getPreferFirstRepeatedParameter()
Get whether or not the first occurrence of a repeated parameter is
preferred.
|
static UrlQuerySanitizer.ValueSanitizer |
getSpaceLegal()
Return a value sanitizer that does not allow any special characters
except space (' ').
|
UrlQuerySanitizer.ValueSanitizer |
getUnregisteredParameterValueSanitizer()
Get the current value sanitizer used when processing
unregistered parameter values.
|
static UrlQuerySanitizer.ValueSanitizer |
getUrlAndSpaceLegal()
Return a value sanitizer that allows all the characters used by
encoded URLs and allows spaces, which are not technically legal
in encoded URLs, but commonly appear anyway.
|
static UrlQuerySanitizer.ValueSanitizer |
getUrlLegal()
Return a value sanitizer that allows all the characters used by
encoded URLs.
|
String |
getValue(String parameter)
Get the value for a parameter in the current sanitized query.
|
UrlQuerySanitizer.ValueSanitizer |
getValueSanitizer(String parameter)
Get the value sanitizer for a parameter.
|
boolean |
hasParameter(String parameter)
Check if a parameter exists in the current sanitized query.
|
protected boolean |
isHexDigit(char c)
Test if a character is a hexidecimal digit.
|
protected void |
parseEntry(String parameter,
String value)
Parse an escaped parameter-value pair.
|
void |
parseQuery(String query)
Parse a query.
|
void |
parseUrl(String url)
Parse the query parameters out of an encoded URL.
|
void |
registerParameter(String parameter,
UrlQuerySanitizer.ValueSanitizer valueSanitizer)
Register a value sanitizer for a particular parameter.
|
void |
registerParameters(String[] parameters,
UrlQuerySanitizer.ValueSanitizer valueSanitizer)
Register a value sanitizer for an array of parameters.
|
void |
setAllowUnregisteredParamaters(boolean allowUnregisteredParamaters)
Set whether or not unregistered parameters are allowed.
|
void |
setPreferFirstRepeatedParameter(boolean preferFirstRepeatedParameter)
Set whether or not the first occurrence of a repeated parameter is
preferred.
|
void |
setUnregisteredParameterValueSanitizer(UrlQuerySanitizer.ValueSanitizer sanitizer)
Set the value sanitizer used when processing unregistered
parameter values.
|
String |
unescape(String string)
Unescape an escaped string.
|
public UrlQuerySanitizer()
Defaults:
public UrlQuerySanitizer(String url)
Because the URL is parsed before the constructor returns, there isn't a chance to configure the sanitizer to change the parsing behavior.
UrlQuerySanitizer sanitizer = new UrlQuerySanitizer(myUrl);
String name = sanitizer.getValue("name");
Defaults:
public UrlQuerySanitizer.ValueSanitizer getUnregisteredParameterValueSanitizer()
Note: The default unregistered parameter value sanitizer is one that doesn't allow any special characters, similar to what is returned by calling createAllIllegal.
public void setUnregisteredParameterValueSanitizer(UrlQuerySanitizer.ValueSanitizer sanitizer)
sanitizer
- set the ValueSanitizer used to sanitize unregistered
parameter values.public static final UrlQuerySanitizer.ValueSanitizer getAllIllegal()
public static final UrlQuerySanitizer.ValueSanitizer getAllButNulLegal()
public static final UrlQuerySanitizer.ValueSanitizer getAllButWhitespaceLegal()
public static final UrlQuerySanitizer.ValueSanitizer getUrlLegal()
public static final UrlQuerySanitizer.ValueSanitizer getUrlAndSpaceLegal()
public static final UrlQuerySanitizer.ValueSanitizer getAmpLegal()
public static final UrlQuerySanitizer.ValueSanitizer getAmpAndSpaceLegal()
public static final UrlQuerySanitizer.ValueSanitizer getSpaceLegal()
public static final UrlQuerySanitizer.ValueSanitizer getAllButNulAndAngleBracketsLegal()
public void parseUrl(String url)
url
- the encoded URL to parse.public void parseQuery(String query)
query
- the query to parse.public Set<String> getParameterSet()
Note: Do not modify this set. Treat it as a read-only set.
public List<UrlQuerySanitizer.ParameterValuePair> getParameterList()
Note: Do not modify this list. Treat it as a read-only list.
public boolean hasParameter(String parameter)
parameter
- the unencoded name of a parameter.public String getValue(String parameter)
parameter
- the unencoded name of a parameter.public void registerParameter(String parameter, UrlQuerySanitizer.ValueSanitizer valueSanitizer)
Registering a non-null value sanitizer for a particular parameter makes that parameter a registered parameter.
parameter
- an unencoded parameter namevalueSanitizer
- the value sanitizer to use for a particular
parameter. May be null in order to unregister that parameter.getAllowUnregisteredParamaters()
public void registerParameters(String[] parameters, UrlQuerySanitizer.ValueSanitizer valueSanitizer)
parameters
- An array of unencoded parameter names.valueSanitizer
- registerParameter(java.lang.String, android.net.UrlQuerySanitizer.ValueSanitizer)
public void setAllowUnregisteredParamaters(boolean allowUnregisteredParamaters)
Defaults to false.
allowUnregisteredParamaters
- true to allow unregistered parameters.getAllowUnregisteredParamaters()
public boolean getAllowUnregisteredParamaters()
setAllowUnregisteredParamaters(boolean)
public void setPreferFirstRepeatedParameter(boolean preferFirstRepeatedParameter)
The preferred parameter is the one that is returned when getParameter is called.
defaults to false.
preferFirstRepeatedParameter
- True if the first repeated
parameter is preferred.getPreferFirstRepeatedParameter()
public boolean getPreferFirstRepeatedParameter()
setPreferFirstRepeatedParameter(boolean)
protected void parseEntry(String parameter, String value)
parameter
- an escaped parametervalue
- an unsanitzied escaped valueprotected void addSanitizedEntry(String parameter, String value)
parameter
- an unescaped parametervalue
- a sanitized unescaped valuepublic UrlQuerySanitizer.ValueSanitizer getValueSanitizer(String parameter)
parameter
- the unescaped parameterregisterParameter(String, android.net.UrlQuerySanitizer.ValueSanitizer)
public UrlQuerySanitizer.ValueSanitizer getEffectiveValueSanitizer(String parameter)
parameter
- an unescaped parameterpublic String unescape(String string)
string
- the escaped stringprotected boolean isHexDigit(char c)
c
- the character to testprotected int decodeHexDigit(char c)
c
- the hexidecimal digit.protected void clear()