Package org.owasp.esapi.codecs
Interface Codec<T>
-
- All Known Implementing Classes:
AbstractCharacterCodec,AbstractCodec,AbstractIntegerCodec,CSSCodec,DB2Codec,HTMLEntityCodec,JavaScriptCodec,LegacyHTMLEntityCodec,MySQLCodec,OracleCodec,PercentCodec,UnixCodec,VBScriptCodec,WindowsCodec,XMLEntityCodec
public interface Codec<T>The Codec interface defines a set of methods for encoding and decoding application level encoding schemes, such as HTML entity encoding and percent encoding (aka URL encoding). Codecs are used in output encoding and canonicalization. The design of these codecs allows for character-by-character decoding, which is necessary to detect double-encoding and the use of multiple encoding schemes, both of which are techniques used by attackers to bypass validation and bury encoded attacks in data.- Since:
- June 1, 2007, June 1, 2017
- Author:
- Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security, Matt Seil (mseil .at. owasp.org)
- See Also:
Encoder
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description booleancontainsCharacter(char c, char[] array)Utility to search a char[] for a specific char.java.lang.Stringdecode(java.lang.String input)Decode a String that was encoded using the encode method in this ClassTdecodeCharacter(PushbackSequence<T> input)Returns the decoded version of the next character from the input string and advances the current character in the PushbackSequence.java.lang.Stringencode(char[] immune, java.lang.String input)Encode a String so that it can be safely used in a specific context.java.lang.StringencodeCharacter(char[] immune, int codePoint)Default codepoint implementation that should be overridden in specific codecs.java.lang.StringencodeCharacter(char[] immune, java.lang.Character c)Default implementation that should be overridden in specific codecs.java.lang.StringgetHexForNonAlphanumeric(char c)Lookup the hex value of any character that is not alphanumeric.java.lang.StringgetHexForNonAlphanumeric(int c)Lookup the hex value of any character that is not alphanumeric.java.lang.StringtoHex(char c)java.lang.StringtoHex(int c)java.lang.StringtoOctal(char c)
-
-
-
Method Detail
-
encode
java.lang.String encode(char[] immune, java.lang.String input)Encode a String so that it can be safely used in a specific context.- Parameters:
immune-input- the String to encode- Returns:
- the encoded String
-
encodeCharacter
java.lang.String encodeCharacter(char[] immune, java.lang.Character c)Default implementation that should be overridden in specific codecs.- Parameters:
immune- array of chars to NOT encode. Use with caution.c- the Character to encode- Returns:
- the encoded Character
-
encodeCharacter
java.lang.String encodeCharacter(char[] immune, int codePoint)Default codepoint implementation that should be overridden in specific codecs.- Parameters:
immune-codePoint- the integer to encode- Returns:
- the encoded Character
-
decode
java.lang.String decode(java.lang.String input)
Decode a String that was encoded using the encode method in this Class- Parameters:
input- the String to decode- Returns:
- the decoded String
-
decodeCharacter
T decodeCharacter(PushbackSequence<T> input)
Returns the decoded version of the next character from the input string and advances the current character in the PushbackSequence. If the current character is not encoded, this method MUST reset the PushbackString.- Parameters:
input- the Character to decode- Returns:
- the decoded Character
-
getHexForNonAlphanumeric
java.lang.String getHexForNonAlphanumeric(char c)
Lookup the hex value of any character that is not alphanumeric.- Parameters:
c- The character to lookup.- Returns:
- return null if alphanumeric or the character code in hex.
-
getHexForNonAlphanumeric
java.lang.String getHexForNonAlphanumeric(int c)
Lookup the hex value of any character that is not alphanumeric.- Parameters:
c- The character to lookup.- Returns:
- return null if alphanumeric or the character code in hex.
-
toOctal
java.lang.String toOctal(char c)
-
toHex
java.lang.String toHex(char c)
-
toHex
java.lang.String toHex(int c)
-
containsCharacter
boolean containsCharacter(char c, char[] array)Utility to search a char[] for a specific char.- Parameters:
c-array-- Returns:
- True if the supplied array contains the specified character. False otherwise.
-
-