Class StringUtils

java.lang.Object
com.renomad.minum.utils.StringUtils

public final class StringUtils extends Object
Some helper methods for Strings.
  • Method Details

    • safeHtml

      public static String safeHtml(String input)
      Returns text that has three symbols replaced - the less-than, greater-than, and ampersand. See ...
      
       This will protect against something like <div>$USERNAME</div> allowing
       a username of
            <script>alert(1)</script>
       becoming
            <div><script>alert(1)</script></div>
       and instead becomes
            <div>&lt;script&gt;alert(1)&lt;/script&gt;</div>
       
      If the text is going inside an attribute (e.g. <div class="TEXT_GOES_HERE">), then you need to escape slightly differently. In that case see safeAttr(String).
    • safeAttr

      public static String safeAttr(String input)
      Replaces dangerous text that would go inside an HTML attribute. See safeHtml(String).

      If we get a null string, just return an empty string.

      
       example:
         Given
            alert('XSS Attack')
         Get
            alert(&apos;XSS Attack&apos;)
       
    • encode

      public static String encode(String str)
      Encodes UTF-8 text using URL-encoding.
    • decode

      public static String decode(String str)
      Decodes URL-encoded UTF-8 text, except that we first check if the string value is the token %NULL%, which is our way to signify null.
    • generateSecureRandomString

      public static String generateSecureRandomString(int length)
    • byteListToString

      public static String byteListToString(List<Byte> byteList)
      Converts a list of bytes to a string. Returns null if the input is null.
    • byteArrayToString

      public static String byteArrayToString(byte[] byteArray)
      Converts an array of bytes to a string. Returns null if the input is null.
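
The reason safeHtml and safeAttr are separate methods, shown as an added example that is not Minum's own code: escapeBody and escapeAttr are hypothetical stand-ins written for this illustration (the exact set of quote replacements and the null handling in escapeBody are assumptions), and the class value is a constructed sample.

```java
public class EscapeContexts {

    // Hypothetical stand-in for element-content escaping: the three
    // replacements the safeHtml description names. Ampersand goes first so
    // the entities produced for < and > are not escaped a second time.
    static String escapeBody(String input) {
        if (input == null) return ""; // assumption: null is treated as empty
        return input.replace("&", "&amp;")
                    .replace("<", "&lt;")
                    .replace(">", "&gt;");
    }

    // Hypothetical stand-in for attribute-value escaping: additionally
    // replaces both quote characters so the value cannot close the attribute.
    static String escapeAttr(String input) {
        if (input == null) return "";
        return escapeBody(input)
                .replace("\"", "&quot;")
                .replace("'", "&apos;");
    }

    public static void main(String[] args) {
        String username = "<script>alert(1)</script>"; // value from the page
        String cssClass = "x\" title=\"injected";      // constructed sample

        // Element content: the markup is rendered as text.
        System.out.println("<div>" + escapeBody(username) + "</div>");

        // Attribute value, wrong escaper: the double quote survives, so the
        // output carries a second attribute the template never declared.
        System.out.println("<div class=\"" + escapeBody(cssClass) + "\">");

        // Attribute value, attribute escaper: the quote becomes an entity
        // and the whole input stays inside class="...".
        System.out.println("<div class=\"" + escapeAttr(cssClass) + "\">");

        // Single quotes matter when the template quotes with '.
        System.out.println("<a title='" + escapeAttr("alert('XSS Attack')") + "'>");
    }
}
```

Neither escaper is appropriate for values placed inside a script block, a style block, or a URL; those contexts need their own encoding.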