com.sun.grizzly.util.http
Class HttpRequestURIDecoder

java.lang.Object
  extended by com.sun.grizzly.util.http.HttpRequestURIDecoder

public class HttpRequestURIDecoder
extends Object

Utility class that make sure an HTTP url defined inside a MessagesBytes is normalized, converted and valid. It also makes sure there is no security hole. Mainly, this class can be used by doing:


 
 HttpRequestURIDecoder.decode(decodedURI, urlDecoder, encoding, b2cConverter);
 
 

Author:
Jeanfrancois Arcand

Field Summary
protected static boolean ALLOW_BACKSLASH
           
 
Constructor Summary
HttpRequestURIDecoder()
           
 
Method Summary
static boolean checkNormalize(MessageBytes uriMB)
          Check that the URI is normalized following character decoding.
protected  void convertMB(MessageBytes mb)
          Character conversion of the a US-ASCII MessageBytes.
protected static void copyBytes(byte[] b, int dest, int src, int len)
          Copy an array of bytes to a different position.
static void decode(MessageBytes decodedURI, UDecoder urlDecoder)
          Decode the http request represented by the bytes inside MessageBytes using an UDecoder.
static void decode(MessageBytes decodedURI, UDecoder urlDecoder, String encoding, B2CConverter b2cConverter)
          Decode the http request represented by the bytes inside MessageBytes using an UDecoder, using the specified encoding, using the specified [@link B2CConverter} to decode the request.
protected  void log(String message)
          Log a message on the Logger associated with our Container (if any)
protected  void log(String message, Throwable throwable)
          Log a message on the Logger associated with our Container (if any)
static boolean normalize(MessageBytes uriMB)
          Normalize URI.
static boolean normalizeBytes(MessageBytes mb)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ALLOW_BACKSLASH

protected static final boolean ALLOW_BACKSLASH
See Also:
Constant Field Values
Constructor Detail

HttpRequestURIDecoder

public HttpRequestURIDecoder()
Method Detail

decode

public static final void decode(MessageBytes decodedURI,
                                UDecoder urlDecoder)
                         throws Exception
Decode the http request represented by the bytes inside MessageBytes using an UDecoder.

Parameters:
decodedURI - - The bytes to decode
urlDecoder - - The urlDecoder to use to decode.
Throws:
Exception

decode

public static final void decode(MessageBytes decodedURI,
                                UDecoder urlDecoder,
                                String encoding,
                                B2CConverter b2cConverter)
                         throws Exception
Decode the http request represented by the bytes inside MessageBytes using an UDecoder, using the specified encoding, using the specified [@link B2CConverter} to decode the request.

Parameters:
decodedURI - - The bytes to decode
urlDecoder - - The urlDecoder to use to decode.
encoding - the encoding value, default is utf-8.
b2cConverter - the Bytes to Char Converter.
Throws:
Exception

normalize

public static boolean normalize(MessageBytes uriMB)
Normalize URI.

This method normalizes "\", "//", "/./" and "/../". This method will return false when trying to go above the root, or if the URI contains a null byte.

Parameters:
uriMB - URI to be normalized

checkNormalize

public static boolean checkNormalize(MessageBytes uriMB)
Check that the URI is normalized following character decoding.

This method checks for "\", 0, "//", "/./" and "/../". This method will return false if sequences that are supposed to be normalized are still present in the URI.

Parameters:
uriMB - URI to be checked (should be chars)

copyBytes

protected static void copyBytes(byte[] b,
                                int dest,
                                int src,
                                int len)
Copy an array of bytes to a different position. Used during normalization.


log

protected void log(String message)
Log a message on the Logger associated with our Container (if any)

Parameters:
message - Message to be logged

log

protected void log(String message,
                   Throwable throwable)
Log a message on the Logger associated with our Container (if any)

Parameters:
message - Message to be logged
throwable - Associated exception

convertMB

protected void convertMB(MessageBytes mb)
Character conversion of the a US-ASCII MessageBytes.


normalizeBytes

public static boolean normalizeBytes(MessageBytes mb)


Copyright © 2012 Oracle Corporation. All Rights Reserved.