StringValidationRule (ESAPI 2.1.0.1 API)

java.lang.Object
- org.owasp.esapi.reference.validation.BaseValidationRule
- - org.owasp.esapi.reference.validation.StringValidationRule

All Implemented Interfaces:

ValidationRule

Direct Known Subclasses:

HTMLValidationRule
```
public class StringValidationRule
extends BaseValidationRule
```
A validator performs syntax and possibly semantic validation of a single piece of data from an untrusted source.

Since:

June 1, 2007

Author:

Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security

See Also:
http://en.wikipedia.org/wiki/Whitelist

Field Summary

Fields
Modifier and Type	Field and Description
`protected List<Pattern>`	`blacklistPatterns`
`protected int`	`maxLength`
`protected int`	`minLength`
`protected boolean`	`validateInputAndCanonical`
`protected List<Pattern>`	`whitelistPatterns`

Fields inherited from class org.owasp.esapi.reference.validation.BaseValidationRule
allowNull, encoder

Constructor Summary

Constructors
Constructor and Description
`StringValidationRule(String typeName)`
`StringValidationRule(String typeName, Encoder encoder)`
`StringValidationRule(String typeName, Encoder encoder, String whitelistPattern)`

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`addBlacklistPattern(Pattern p)`
`void`	`addBlacklistPattern(String pattern)`
`void`	`addWhitelistPattern(Pattern p)`
`void`	`addWhitelistPattern(String pattern)`
`String`	`getValid(String context, String input)` Parse the input, throw exceptions if validation fails
`String`	`sanitize(String context, String input)` The method is similar to ValidationRuile.getSafe except that it returns a harmless object that may or may not have any similarity to the original input (in some cases you may not care).
`void`	`setMaximumLength(int length)`
`void`	`setMinimumLength(int length)`
`void`	`setValidateInputAndCanonical(boolean flag)` Set the flag which determines whether the in input itself is checked as well as the canonical form of the input.

Methods inherited from class org.owasp.esapi.reference.validation.BaseValidationRule
assertValid, charArrayToSet, getEncoder, getSafe, getTypeName, getValid, isAllowNull, isValid, setAllowNull, setEncoder, setTypeName, whitelist, whitelist

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - whitelistPatterns
```
protected List<Pattern> whitelistPatterns
```
  - blacklistPatterns
```
protected List<Pattern> blacklistPatterns
```
  - minLength
```
protected int minLength
```
  - maxLength
```
protected int maxLength
```
  - validateInputAndCanonical
```
protected boolean validateInputAndCanonical
```
- Constructor Detail
  - StringValidationRule
```
public StringValidationRule(String typeName)
```
  - StringValidationRule
```
public StringValidationRule(String typeName,
                    Encoder encoder)
```
  - StringValidationRule
```
public StringValidationRule(String typeName,
                    Encoder encoder,
                    String whitelistPattern)
```
- Method Detail
  - addWhitelistPattern
```
public void addWhitelistPattern(String pattern)
```
    Throws:
    
    IllegalArgumentException - if pattern is null
  - addWhitelistPattern
```
public void addWhitelistPattern(Pattern p)
```
    Throws:
    
    IllegalArgumentException - if p is null
  - addBlacklistPattern
```
public void addBlacklistPattern(String pattern)
```
    Throws:
    
    IllegalArgumentException - if pattern is null
  - addBlacklistPattern
```
public void addBlacklistPattern(Pattern p)
```
    Throws:
    
    IllegalArgumentException - if p is null
  - setMinimumLength
```
public void setMinimumLength(int length)
```
  - setMaximumLength
```
public void setMaximumLength(int length)
```
  - setValidateInputAndCanonical
```
public void setValidateInputAndCanonical(boolean flag)
```
    Set the flag which determines whether the in input itself is checked as well as the canonical form of the input.
    
    Parameters:
    flag - The value to set
  - getValid
```
public String getValid(String context,
              String input)
                throws ValidationException
```
    Parse the input, throw exceptions if validation fails
    
    Parameters:
    context - for logging
    input - the value to be parsed
    
    Returns:
    a validated value
    
    Throws:
    
    ValidationException - if any validation rules fail
  - sanitize
```
public String sanitize(String context,
              String input)
```
    The method is similar to ValidationRuile.getSafe except that it returns a harmless object that may or may not have any similarity to the original input (in some cases you may not care). In most cases this should be the same as the getSafe method only instead of throwing an exception, return some default value.
    
    Specified by:
    
    sanitize in class BaseValidationRule
    
    Returns:
    a parsed version of the input or a default value.

Class StringValidationRule

Field Summary

Fields inherited from class org.owasp.esapi.reference.validation.BaseValidationRule

Constructor Summary

Method Summary

Methods inherited from class org.owasp.esapi.reference.validation.BaseValidationRule

Methods inherited from class java.lang.Object

Field Detail

whitelistPatterns

blacklistPatterns

minLength

maxLength

validateInputAndCanonical

Constructor Detail

StringValidationRule

StringValidationRule

StringValidationRule

Method Detail

addWhitelistPattern

addWhitelistPattern

addBlacklistPattern

addBlacklistPattern

setMinimumLength

setMaximumLength

setValidateInputAndCanonical

getValid

sanitize