StringUtils.java

package com.renomad.minum.utils;

import java.net.URLDecoder;

import java.net.URLEncoder;

import java.security.SecureRandom;

import java.util.List;

import java.util.stream.Collectors;

import java.util.stream.IntStream;

import static com.renomad.minum.utils.Invariants.mustNotBeNull;

import static java.nio.charset.StandardCharsets.UTF_8;

/**

 * Some helper methods for Strings.

 */

public final class StringUtils {

    private StringUtils() {

        // making this private to be clearer it isn't supposed to be instantiated.

    }

    /**

     * Returns text that has three symbols replaced -

     * the less-than, greater-than, and ampersand.

     * See <a href="https://www.w3.org/International/questions/qa-escapes#use">...</a>

     * <br>

     * <pre>{@code

     * This will protect against something like <div>$USERNAME</div> allowing

     * a username of

     *      <script>alert(1)</script>

     * becoming

     *      <div><script>alert(1)</script</div>

     * and instead becomes

     *      <div>&lt;script&gt;alert(1)&lt;/script&gt;</div>

     * }</pre>

     * If the text is going inside an attribute (e.g. {@code <div class="TEXT_GOES_HERE">} )

     * Then you need to escape slightly differently. In that case see [safeAttr]

     */

    public static String safeHtml(String input) {

        if (input == null) {

            return "";

        }

        return input.replace("&", "&")

            .replace("<", "&lt;")

            .replace(">", ">");

    }

    /**

     * Replace dangerous text that would go inside an HTML attribute.

     * See {@link #safeHtml(String)}

     * <br><br>

     * If we get a null string, just return an empty string

     * <br><br>

     * <pre>{@code

     * example:

     *   Given

     *      alert('XSS Attack')

     *   Get

     *      alert('XSS Attack')

     * }</pre>

     */

    public static String safeAttr(String input) {

        if (input == null) {

            return "";

        }

        return input.replace("&", "&")

            .replace("<", "&lt;")

            .replace("\"", """)

            .replace("'", "'");

    }

    /**

     * Encodes UTF-8 text using URL-encoding

     */

    public static String encode(String str) {

        if (str == null) {

            return "%NULL%";

        }

        return URLEncoder.encode(str, UTF_8);

    }

    /**

     * Decodes URL-encoded UTF-8 text, except that we

     * first check if the string value is the token %NULL%,

     * which is our way to signify null.

     */

    public static String decode(String str) {

        mustNotBeNull(str);

        if (str.equals("%NULL%")) {

            return null;

        }

        return URLDecoder.decode(str, UTF_8);

    }

    public static String generateSecureRandomString(int length) {

        final var allowedChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";

        final var sr = new SecureRandom();

        return IntStream.range(1, length+1)

                .mapToObj (x -> allowedChars.charAt(sr.nextInt(allowedChars.length())))

                .map(Object::toString)

                .collect(Collectors.joining());

    }

    /**

     * Converts a list of bytes to a string. Returns null if the input is null.

     */

    public static String byteListToString(List<Byte> byteList) {

        if (byteList == null) return null;

        final int size = byteList.size();

        final var buf = new byte[size];

        for (int i = 0; i < size; i++) {

            buf[i] = byteList.get(i);

        }

        return new String(buf, UTF_8);

    }

    /**

     * Converts an array of bytes to a string. Returns null if the input is null.

     */

    public static String byteArrayToString(byte[] byteArray) {

        if (byteArray == null) return null;

        return new String(byteArray, UTF_8);

    }

}

Active mutators

• CONDITIONALS_BOUNDARY
• EMPTY_RETURNS
• FALSE_RETURNS
• INCREMENTS
• INVERT_NEGS
• MATH
• NEGATE_CONDITIONALS
• NULL_RETURNS
• PRIMITIVE_RETURNS
• TRUE_RETURNS
• VOID_METHOD_CALLS

Tests examined

• com.renomad.minum.utils.StringUtilsTests.test_ByteArrayToString(com.renomad.minum.utils.StringUtilsTests) (0 ms)
• com.renomad.minum.web.BodyProcessorTests (230 ms)
• com.renomad.minum.web.WebPerformanceTests.test2(com.renomad.minum.web.WebPerformanceTests) (608 ms)
• com.renomad.minum.web.WebTests (906 ms)
• com.renomad.minum.FunctionalTests (2021 ms)
• com.renomad.minum.utils.StringUtilsTests.test_BytesListToString(com.renomad.minum.utils.StringUtilsTests) (0 ms)
• com.renomad.minum.utils.SerializationUtilsTests.testSerializationHelper(com.renomad.minum.utils.SerializationUtilsTests) (0 ms)
• com.renomad.minum.database.DbTests.test_Serialization_SimpleCase(com.renomad.minum.database.DbTests) (30 ms)
• com.renomad.minum.database.DbTests.test_Serialization_Null(com.renomad.minum.database.DbTests) (29 ms)
• com.renomad.minum.database.DbTests.test_Serialization_Collection(com.renomad.minum.database.DbTests) (31 ms)
• com.renomad.minum.database.DbEngine2Tests.test_FailureDuringDelete(com.renomad.minum.database.DbEngine2Tests) (30 ms)
• com.renomad.minum.database.DbEngine2Tests.test_FailureDuringWrite(com.renomad.minum.database.DbEngine2Tests) (31 ms)
• com.renomad.minum.database.DbTests.testIndex_NegativeCase_RequestingWithNoIndexRegistered(com.renomad.minum.database.DbTests) (26 ms)
• com.renomad.minum.database.DbTests.test_EdgeCase_RegisteringIndexTooLate(com.renomad.minum.database.DbTests) (30 ms)
• com.renomad.minum.database.DbTests.testSearchUtils_SearchFindsNothing(com.renomad.minum.database.DbTests) (31 ms)
• com.renomad.minum.database.DbEngine2Tests.test_EdgeCase_RegisteringIndexTooLate(com.renomad.minum.database.DbEngine2Tests) (31 ms)
• com.renomad.minum.database.DbEngine2Tests.testIndex_NegativeCase_RequestingWithNoIndexRegistered(com.renomad.minum.database.DbEngine2Tests) (31 ms)
• com.renomad.minum.database.DbEngine2Tests.testSearchUtility(com.renomad.minum.database.DbEngine2Tests) (31 ms)
• com.renomad.minum.database.DbEngine2Tests.testSearchUtils_ShouldAccommodateUsingIndexes(com.renomad.minum.database.DbEngine2Tests) (37 ms)
• com.renomad.minum.database.DbEngine2Tests.testIndex_NegativeCase_ExceptionThrownByPartitionAlgorithm(com.renomad.minum.database.DbEngine2Tests) (47 ms)
• com.renomad.minum.database.DbEngine2Tests.testSearchUtils_SearchFindsNothing(com.renomad.minum.database.DbEngine2Tests) (47 ms)
• com.renomad.minum.database.DbEngine2Tests.testIndexSpeedDifference(com.renomad.minum.database.DbEngine2Tests) (45 ms)
• com.renomad.minum.database.DbEngine2Tests.testIndex_Update(com.renomad.minum.database.DbEngine2Tests) (45 ms)
• com.renomad.minum.database.DbTests.testSearchUtils_ShouldAccommodateUsingIndexes(com.renomad.minum.database.DbTests) (63 ms)
• com.renomad.minum.database.DbTests.testSearchUtility_EdgeCases_Various(com.renomad.minum.database.DbTests) (61 ms)
• com.renomad.minum.database.DbEngine2Tests.test_LoadingData_MultipleThreads(com.renomad.minum.database.DbEngine2Tests) (47 ms)
• com.renomad.minum.database.DbTests.testIndexSpeedDifference(com.renomad.minum.database.DbTests) (62 ms)
• com.renomad.minum.database.DbTests.testIndex_Update(com.renomad.minum.database.DbTests) (63 ms)
• com.renomad.minum.database.DbEngine2Tests.testIndexesOnPartitionedData(com.renomad.minum.database.DbEngine2Tests) (62 ms)
• com.renomad.minum.database.DbTests.testDeserializerComplaints(com.renomad.minum.database.DbTests) (92 ms)
• com.renomad.minum.database.DbEngine2Tests.test_Db_Delete_EdgeCase_DoesNotExist(com.renomad.minum.database.DbEngine2Tests) (93 ms)
• com.renomad.minum.database.DbEngine2Tests.test_Edge_DeleteFileDoesNotExist(com.renomad.minum.database.DbEngine2Tests) (95 ms)
• com.renomad.minum.database.DbTests.testCreateIndexes(com.renomad.minum.database.DbTests) (93 ms)
• com.renomad.minum.database.DbTests.testIndexesOnPartitionedData(com.renomad.minum.database.DbTests) (93 ms)
• com.renomad.minum.database.DbTests.test_firstActionIsRequestingDataByIndex(com.renomad.minum.database.DbTests) (92 ms)
• com.renomad.minum.database.DbEngine2Tests.test_FailureDuringConsolidation(com.renomad.minum.database.DbEngine2Tests) (93 ms)
• com.renomad.minum.database.DbEngine2Tests.test_firstActionIsRequestingDataByIndex(com.renomad.minum.database.DbEngine2Tests) (93 ms)
• com.renomad.minum.database.DbEngine2Tests.test_firstActionIsFindExactlyOne(com.renomad.minum.database.DbEngine2Tests) (94 ms)
• com.renomad.minum.database.DbTests.testPoorlyNamedDbFile(com.renomad.minum.database.DbTests) (125 ms)
• com.renomad.minum.database.DbTests.test_Locking(com.renomad.minum.database.DbTests) (153 ms)
• com.renomad.minum.database.DbEngine2Tests.testCreateIndexes(com.renomad.minum.database.DbEngine2Tests) (149 ms)
• com.renomad.minum.database.DbTests.test_firstActionIsFindExactlyOne(com.renomad.minum.database.DbTests) (155 ms)
• com.renomad.minum.database.DbTests.test_Locking_2(com.renomad.minum.database.DbTests) (204 ms)
• com.renomad.minum.database.DbTests.test_Db_Delete_EdgeCase_FileGone(com.renomad.minum.database.DbTests) (219 ms)
• com.renomad.minum.database.DbTests.test_Performance(com.renomad.minum.database.DbTests) (254 ms)
• com.renomad.minum.database.DbEngine2Tests.test_Performance(com.renomad.minum.database.DbEngine2Tests) (247 ms)
• com.renomad.minum.database.DbEngine2Tests.test_ConvertingDatabase_Db_To_DbEngine2(com.renomad.minum.database.DbEngine2Tests) (627 ms)
• com.renomad.minum.database.DbTests.test_ConvertingDatabase_DbEngine2_To_DbClassic(com.renomad.minum.database.DbTests) (896 ms)
• com.renomad.minum.security.TheBrigTests (994 ms)
• com.renomad.minum.database.DbEngine2Tests.test_Db_Write_and_Read(com.renomad.minum.database.DbEngine2Tests) (1250 ms)
• com.renomad.minum.database.DbTests.test_Db_Write_and_Read(com.renomad.minum.database.DbTests) (1265 ms)
• com.renomad.minum.database.DbEngine2Tests.testGettingStarted(com.renomad.minum.database.DbEngine2Tests) (2094 ms)
• com.renomad.minum.database.DbEngine2Tests.test_GeneralCapability(com.renomad.minum.database.DbEngine2Tests) (5073 ms)
• com.renomad.minum.database.DbTests.test_GeneralCapability(com.renomad.minum.database.DbTests) (7146 ms)
• com.renomad.minum.utils.StringUtilsTests.test_CleanHtml(com.renomad.minum.utils.StringUtilsTests) (0 ms)
• com.renomad.minum.database.DbEngine2Tests.test_readAndDeserialize_NegativeCase(com.renomad.minum.database.DbEngine2Tests) (31 ms)
• com.renomad.minum.database.DbTests.test_Deserialization_EdgeCases_2(com.renomad.minum.database.DbTests) (46 ms)
• com.renomad.minum.web.RequestTests.test_Request_UrlEncoded_ExcessiveCountOfKeyValuePairs(com.renomad.minum.web.RequestTests) (63 ms)
• com.renomad.minum.web.FullSystemTests.testFullSystem(com.renomad.minum.web.FullSystemTests) (179 ms)
• com.renomad.minum.web.WebPerformanceTests.test3(com.renomad.minum.web.WebPerformanceTests) (621 ms)
• com.renomad.minum.web.WebPerformanceTests.test1(com.renomad.minum.web.WebPerformanceTests) (625 ms)
• com.renomad.minum.utils.StringUtilsTests.test_CleanHtml_Null(com.renomad.minum.utils.StringUtilsTests) (0 ms)
• com.renomad.minum.utils.StringUtilsTests.test_CleanAttributes(com.renomad.minum.utils.StringUtilsTests) (0 ms)
• com.renomad.minum.utils.StringUtilsTests.test_CleanAttributes_Null(com.renomad.minum.utils.StringUtilsTests) (0 ms)