Package org.owasp.esapi

Interface ValidationRule

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      void assertValid​(java.lang.String context, java.lang.String input)
      Check if the input is valid, throw an Exception otherwise
      java.lang.Object getSafe​(java.lang.String context, java.lang.String input)
      Try to call getvalid, then call a 'sanitize' method for sanitization (if one exists), finally return a default value.
      java.lang.String getTypeName()
      Programmatically supplied name for the validator
      java.lang.Object getValid​(java.lang.String context, java.lang.String input)
      Parse the input, throw exceptions if validation fails
      java.lang.Object getValid​(java.lang.String context, java.lang.String input, ValidationErrorList errorList)
      Get a validated value, add the errors to an existing error list
      boolean isValid​(java.lang.String context, java.lang.String input)  
      void setAllowNull​(boolean flag)
      Whether or not a valid valid can be null.
      void setEncoder​(Encoder encoder)  
      void setTypeName​(java.lang.String typeName)  
      java.lang.String whitelist​(java.lang.String input, char[] list)
      String the input of all chars contained in the list
      java.lang.String whitelist​(java.lang.String input, java.util.Set<java.lang.Character> list)
      String the input of all chars contained in the list

    • Method Detail

      • getValid

        java.lang.Object getValid​(java.lang.String context,
                          java.lang.String input)
                   throws ValidationException
        Parse the input, throw exceptions if validation fails
        Parameters:
        context - for logging
        input - the value to be parsed
        Returns:
        a validated value
        Throws:
        ValidationException - if any validation rules fail, except if the ESAPI.properties> property "Validator.ValidationRule.getValid.ignore509Fix" is set to true, which is the default behavior for ESAPI 2.x releases. See ESAPI GitHub Issues 521 for futher details.
        See Also:
        getValid(String context, String input, ValidationErrorList errorList)

      • setAllowNull

        void setAllowNull​(boolean flag)
        Whether or not a valid valid can be null. getValid will throw an Exception and {#code getSafe} will return the default value if flag is set to true
        Parameters:
        flag - whether or not null values are valid/safe

      • getTypeName

        java.lang.String getTypeName()
        Programmatically supplied name for the validator
        Returns:
        a name, describing the validator

      • setTypeName

        void setTypeName​(java.lang.String typeName)
        Parameters:
        typeName - a name, describing the validator

      • setEncoder

        void setEncoder​(Encoder encoder)
        Parameters:
        encoder - the encoder to use

      • assertValid

        void assertValid​(java.lang.String context,
                 java.lang.String input)
          throws ValidationException
        Check if the input is valid, throw an Exception otherwise
        Throws:
        ValidationException

      • getSafe

        java.lang.Object getSafe​(java.lang.String context,
                         java.lang.String input)
        Try to call getvalid, then call a 'sanitize' method for sanitization (if one exists), finally return a default value.

      • isValid

        boolean isValid​(java.lang.String context,
                java.lang.String input)
        Returns:
        true if the input passes validation

      • whitelist

        java.lang.String whitelist​(java.lang.String input,
                           char[] list)
        String the input of all chars contained in the list

      • whitelist

        java.lang.String whitelist​(java.lang.String input,
                           java.util.Set<java.lang.Character> list)
        String the input of all chars contained in the list