/**
 * Builds the search URL for the given term.
 *
 * <p>The term is form-parameter escaped before it is substituted into the {@code q} query
 * parameter, so reserved characters in the term ({@code &}, {@code =}, {@code #}, ...) cannot add
 * or alter parameters of the resulting URL. The escaper also percent-encodes {@code $},
 * <code>{</code> and <code>}</code>, so the escaped value cannot carry a nested
 * <code>${...}</code> placeholder into the substitutor.
 *
 * @param searchTerm raw, unescaped search term
 * @return the template {@code BASE + "?q=..."} with the placeholder replaced by the escaped term
 */
public static String self(String searchTerm) {
    String escapedTerm = UrlEscapers.urlFormParameterEscaper().escape(searchTerm);
    String template = BASE + "?q=${searchTerm}";
    return StrSubstitutor.replace(template, of("searchTerm", escapedTerm));
}
/**
 * SQL scalar function: escapes a string for use as a URL query parameter name or value.
 *
 * <p>The input slice is read as UTF-8 and escaped with form-parameter rules, which write a space
 * as {@code +} and percent-encode characters outside the escaper's safe set.
 */
@Description("escape a string for use in URL query parameter names and values")
@ScalarFunction
@LiteralParameters({"x", "y"})
// NOTE(review): the x * 12 bound presumably covers the worst case of one character becoming
// four %XX triplets (a 4-byte UTF-8 code point) -- confirm.
@Constraint(variable = "y", expression = "min(2147483647, x * 12)")
@SqlType("varchar(y)")
public static Slice urlEncode(@SqlType("varchar(x)") Slice value)
{
    String decoded = value.toStringUtf8();
    String encoded = UrlEscapers.urlFormParameterEscaper().escape(decoded);
    return slice(encoded);
}
/**
 * Registers four named escape functions on the environment: three URL-component escapers and one
 * HTML escaper.
 *
 * <p>Each function is only appropriate for the output context its name indicates. A value escaped
 * for a URL component is not thereby safe to place in HTML markup, and the reverse also holds.
 *
 * @param env environment that receives the registrations
 */
private void xss(final Env env) {
    env.xss("urlFragment", UrlEscapers.urlFragmentEscaper()::escape)
        .xss("formParam", UrlEscapers.urlFormParameterEscaper()::escape)
        .xss("pathSegment", UrlEscapers.urlPathSegmentEscaper()::escape)
        .xss("html", HtmlEscapers.htmlEscaper()::escape);
}
/**
 * Checks the form-parameter escaper: instance identity across calls, the shared basic URL
 * escaping rules, and the form-specific handling of punctuation and spaces.
 */
public void testUrlFormParameterEscaper() {
    UnicodeEscaper formEscaper = (UnicodeEscaper) urlFormParameterEscaper();

    // The factory is documented to return the same escaper on every call.
    assertSame(formEscaper, urlFormParameterEscaper());
    assertBasicUrlEscaper(formEscaper);

    /*
     * RFC 2396 lists the following characters as safe, java.net.URLEncoder does not, and the
     * escaper currently follows URLEncoder. If the escaper is ever made RFC 2396 compliant these
     * assertions will fail; that is expected, and they should then become assertUnescaped.
     */
    assertEscaping(formEscaper, "%21", '!');
    assertEscaping(formEscaper, "%28", '(');
    assertEscaping(formEscaper, "%29", ')');
    assertEscaping(formEscaper, "%7E", '~');
    assertEscaping(formEscaper, "%27", '\'');

    // A space is written as '+', so a literal '+' has to be percent-encoded.
    assertEscaping(formEscaper, "+", ' ');
    assertEscaping(formEscaper, "%2B", '+');

    assertEquals("safe+with+spaces", formEscaper.escape("safe with spaces"));
    assertEquals("foo%40bar.com", formEscaper.escape("foo@bar.com"));
}
/**
 * Constructor.
 *
 * <p>Sets the cookie name to {@code DEFAULT_COOKIE_NAME}, the capability size to 4096, and uses
 * the URL form-parameter escaper for escaping.
 */
public ServletRequestScopedStorageService() {
    // NOTE(review): 4096 looks like a per-cookie size budget -- confirm against where
    // capabilitySize is read.
    this.capabilitySize = 4096;
    this.cookieName = DEFAULT_COOKIE_NAME;
    this.escaper = UrlEscapers.urlFormParameterEscaper();
}
/**
 * Constructor.
 *
 * <p>Prepares the type reference for {@code DuoResponseWrapper<DuoAuthResponse>} and selects the
 * URL form-parameter escaper for request parameters.
 */
public DuoAuthAuthenticator() {
    this.paramEscaper = UrlEscapers.urlFormParameterEscaper();
    // The anonymous subclass keeps the full generic type available at runtime.
    this.wrapperTypeRef = new TypeReference<DuoResponseWrapper<DuoAuthResponse>>() {};
}
/**
 * Escapes a value with URL form-parameter rules.
 *
 * @param pathPart raw text to escape
 * @return the escaped text
 */
public static String encodeParam(String pathPart) {
    // NOTE(review): the form-parameter escaper writes a space as '+', not as "%20". If the
    // receiving server rejects '+' for spaces, this method does not address that -- confirm
    // against the callers before relying on it for such values.
    final String escaped = UrlEscapers.urlFormParameterEscaper().escape(pathPart);
    return escaped;
}
/**
 * Builds the image request URL, appending the API key as a query parameter when one is given.
 *
 * @param key API key, or {@code null} to send the request without a key
 */
public CatCommand(String key) {
    final String baseUrl = "http://thecatapi.com/api/images/get?size=small&format=xml&type=gif";
    // The key is form-parameter escaped so that '&', '=' or '#' in it cannot change the query.
    // NOTE(review): the key travels in the query string of a plain http:// URL, so it is readable
    // on the network path and likely to be recorded in proxy and server logs -- confirm whether
    // the endpoint is reachable over https.
    requestUrl = (key == null)
        ? baseUrl
        : baseUrl + "&api_key=" + UrlEscapers.urlFormParameterEscaper().escape(key);
}
/**
 * Constructor.
 *
 * <p>Starts with an empty map of storage services and the URL form-parameter escaper.
 */
public SaveCookieBackedClientStorageServices() {
    this.escaper = UrlEscapers.urlFormParameterEscaper();
    this.storageServices = Collections.emptyMap();
}
/**
 * Encodes a string so it can be used as a query parameter.
 *
 * <p>Uses URL form-parameter escaping: a space becomes {@code +} and characters outside the
 * escaper's safe set are percent-encoded.
 *
 * @param v raw text to encode
 * @return the escaped text
 */
public static String encodeQueryParam(String v) {
    return UrlEscapers.urlFormParameterEscaper().escape(v);
}
/**
 * Renders one map entry as {@code key=value} with both sides form-parameter escaped, so that a
 * literal {@code =} or {@code &} inside a key or value cannot be read as a separator.
 *
 * @param entry parameter name and value to render
 * @return the escaped {@code name=value} pair
 */
@Override
public String apply(Map.Entry<String, String> entry) {
    final Escaper formEscaper = UrlEscapers.urlFormParameterEscaper();
    final String name = formEscaper.escape(entry.getKey());
    final String value = formEscaper.escape(entry.getValue());
    return name + "=" + value;
}
} // closes the enclosing declaration, which opens outside this excerpt
/**
 * HTML variant of the job upload: delegates to {@code uploadAnalysisJobToFolderJson} and answers
 * with a redirect to the scheduling page that carries the outcome as query parameters.
 *
 * @param tenant tenant taken from the request path
 * @param file uploaded multipart file
 * @return redirect view name with {@code job_upload} and {@code job_filename} parameters
 */
@RolesAllowed(SecurityRoles.JOB_EDITOR)
@RequestMapping(method = RequestMethod.POST, produces = MediaType.TEXT_HTML_VALUE, consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
public String uploadAnalysisJobToFolderHtml(@PathVariable("tenant") final String tenant,
        @RequestParam("file") final MultipartFile file) {
    final Map<String, String> result = uploadAnalysisJobToFolderJson(tenant, file);
    final String uploadStatus = result.get("status");
    // The filename is escaped so that it cannot add or alter parameters of the redirect URL.
    final String escapedFilename = UrlEscapers.urlFormParameterEscaper().escape(result.get("filename"));

    // NOTE(review): the status is appended without escaping, unlike the filename. Confirm that
    // the JSON variant only ever returns a fixed token here; otherwise escape it the same way.
    final StringBuilder redirect = new StringBuilder("redirect:/scheduling?job_upload=");
    redirect.append(uploadStatus).append("&job_filename=").append(escapedFilename);
    return redirect.toString();
}
/**
 * HTML variant of the job upload: delegates to {@code uploadAnalysisJobJson} and answers with a
 * redirect to the repository page that carries the outcome as query parameters.
 *
 * @param tenant tenant taken from the request path
 * @param jobName job name taken from the request path
 * @param file uploaded multipart file
 * @return redirect view name with {@code job_upload} and {@code job_filename} parameters
 */
@RolesAllowed(SecurityRoles.JOB_EDITOR)
@RequestMapping(method = RequestMethod.POST, produces = MediaType.TEXT_HTML_VALUE, consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
public String uploadAnalysisJobHtml(@PathVariable("tenant") final String tenant,
        @PathVariable("job") String jobName,
        @RequestParam("file") final MultipartFile file) {
    final Map<String, String> result = uploadAnalysisJobJson(tenant, jobName, file);
    final String uploadStatus = result.get("status");
    // Escaping keeps the filename from adding or altering parameters of the redirect URL.
    final String escapedFilename = UrlEscapers.urlFormParameterEscaper().escape(result.get("filename"));

    // NOTE(review): the status goes into the URL unescaped, unlike the filename. Confirm that the
    // JSON variant only returns a fixed token; otherwise escape it as well.
    final String target = "redirect:/repository?job_upload=" + uploadStatus;
    return target + "&job_filename=" + escapedFilename;
}
/**
 * Builds the new-issue URL with a body pre-filled from the plugin version, the Cloud SDK version
 * (or a fixed placeholder when none is reported) and the operating system name and version.
 *
 * <p>The body is form-parameter escaped as a whole, so line breaks and reserved characters in it
 * stay inside the {@code body} parameter.
 *
 * @return {@code NEW_ISSUE_URL} followed by the escaped {@code body} parameter
 */
private static String formatUrl() {
    final String pluginVersion =
        ServiceManager.getService(PluginInfoService.class).getPluginVersion();
    final String detectedSdkVersion = getCloudSdkVersion();

    final String sdkLabel;
    if (detectedSdkVersion == null) {
        sdkLabel = "No Cloud SDK Service Installed";
    } else {
        sdkLabel = detectedSdkVersion;
    }

    final String osName = System.getProperty("os.name");
    final String osVersion = System.getProperty("os.version");
    final String issueBody =
        MessageFormat.format(BODY_TEMPLATE, pluginVersion, sdkLabel, osName, osVersion);

    final String escapedBody = UrlEscapers.urlFormParameterEscaper().escape(issueBody);
    return NEW_ISSUE_URL + "?body=" + escapedBody;
}
/**
 * Constructor.
 *
 * <p>Selects one escaper per URL component: path segment, form parameter and fragment. The three
 * differ in which characters they leave unescaped, so each is meant for its own component only.
 */
public TemplatedURLBuilder() {
    this.pathEscaper = UrlEscapers.urlPathSegmentEscaper();
    this.paramEscaper = UrlEscapers.urlFormParameterEscaper();
    this.fragmentEscaper = UrlEscapers.urlFragmentEscaper();
}
/**
 * Constructor.
 *
 * <p>Defaults the method to {@code POST} and the MIME type to {@code text/plain}, and selects one
 * escaper per output context: URL path segment, URL form parameter, URL fragment, XML attribute
 * and XML content. Each escaper is meant for its own context only.
 */
public TemplatedBodyBuilder() {
    this.method = "POST";
    this.mimeType = "text/plain";

    // URL component escapers.
    this.pathEscaper = UrlEscapers.urlPathSegmentEscaper();
    this.paramEscaper = UrlEscapers.urlFormParameterEscaper();
    this.fragmentEscaper = UrlEscapers.urlFragmentEscaper();

    // XML escapers.
    this.xmlContentEscaper = XmlEscapers.xmlContentEscaper();
    this.xmlAttributeEscaper = XmlEscapers.xmlAttributeEscaper();
}
/**
 * SQL scalar function: escapes a string for use as a URL query parameter name or value.
 *
 * <p>The input slice is read as UTF-8 and escaped with form-parameter rules, which write a space
 * as {@code +} and percent-encode characters outside the escaper's safe set.
 */
@Description("escape a string for use in URL query parameter names and values")
@ScalarFunction
@SqlType(StandardTypes.VARCHAR)
public static Slice urlEncode(@SqlType(StandardTypes.VARCHAR) Slice value)
{
    String text = value.toStringUtf8();
    return slice(UrlEscapers.urlFormParameterEscaper().escape(text));
}
/**
 * SQL scalar function: escapes a string for use as a URL query parameter name or value.
 *
 * <p>Reads the slice as UTF-8 and applies form-parameter escaping (space becomes {@code +},
 * characters outside the escaper's safe set are percent-encoded).
 */
@Description("escape a string for use in URL query parameter names and values")
@ScalarFunction
@LiteralParameters({"x", "y"})
// NOTE(review): x * 12 is presumably the worst-case expansion per input character (four %XX
// triplets for a 4-byte UTF-8 code point), capped at the maximum int -- confirm.
@Constraint(variable = "y", expression = "min(2147483647, x * 12)")
@SqlType("varchar(y)")
public static Slice urlEncode(@SqlType("varchar(x)") Slice value)
{
    final String raw = value.toStringUtf8();
    final String escaped = UrlEscapers.urlFormParameterEscaper().escape(raw);
    return slice(escaped);
}
/**
 * SQL scalar function: escapes a string for use as a URL query parameter name or value.
 *
 * <p>The declared result length {@code y} is bounded by the constraint below rather than by the
 * input length, because escaping can lengthen the text.
 */
@Description("escape a string for use in URL query parameter names and values")
@ScalarFunction
@LiteralParameters({"x", "y"})
@Constraint(variable = "y", expression = "min(2147483647, x * 12)")
@SqlType("varchar(y)")
public static Slice urlEncode(@SqlType("varchar(x)") Slice value)
{
    // Form-parameter rules: space -> '+', everything outside the safe set -> %XX.
    return slice(UrlEscapers.urlFormParameterEscaper().escape(value.toStringUtf8()));
}
/**
 * Registers the escape functions {@code urlFragment}, {@code formParam}, {@code pathSegment} and
 * {@code html} on the environment.
 *
 * <p>The name says which output context a function is for. Picking the one that matches where
 * the value ends up matters, since the URL escapers and the HTML escaper are not interchangeable.
 *
 * @param env environment that receives the registrations
 */
private void xss(final Env env) {
    final Escaper fragmentEscaper = UrlEscapers.urlFragmentEscaper();
    final Escaper formParamEscaper = UrlEscapers.urlFormParameterEscaper();
    final Escaper pathSegmentEscaper = UrlEscapers.urlPathSegmentEscaper();
    final Escaper htmlEscaper = HtmlEscapers.htmlEscaper();

    env.xss("urlFragment", fragmentEscaper::escape)
        .xss("formParam", formParamEscaper::escape)
        .xss("pathSegment", pathSegmentEscaper::escape)
        .xss("html", htmlEscaper::escape);
}