In my project (Java/Play framework) I have an error handling routine that checks the response from a web service. If the response is an error code, we display the corresponding error message saying what the problem was with the user input; the service checks user input validity.
When the user enters a % symbol, this logic breaks because the error display logic uses
String.format(message, messageArgs);
which interpolates the messageArgs into the message String where it finds a %, and if the messageArgs contains a % as well I get an exception.
I need to sanitize, escape or otherwise remove the % from the user inputs, before displaying the message.
message: The requested email address %s is invalid
messageArgs: orlybg%@gmail.com
Any advice on how to do this in Java in the simplest, shortest way?
Here's a part of the error log:
java.util.UnknownFormatConversionException: Conversion = 'i'
at java.util.Formatter$FormatSpecifier.conversion(Formatter.java:2646)
at java.util.Formatter$FormatSpecifier.<init>(Formatter.java:2675)
at java.util.Formatter.parse(Formatter.java:2528)
at java.util.Formatter.format(Formatter.java:2469)
at java.util.Formatter.format(Formatter.java:2423)
at java.lang.String.format(String.java:2797)
at controllers.api.PublicAPI.renderAPIError(PublicAPI.java:176)
at controllers.api.DeviceAPI.setEmailAddress(DeviceAPI.java:736)
at play.mvc.ActionInvoker.invokeWithContinuation(ActionInvoker.java:557)
at play.mvc.ActionInvoker.invoke(ActionInvoker.java:508)
at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:484)
at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:479)
at play.mvc.ActionInvoker.invoke(ActionInvoker.java:161)
at Invocation.HTTP Request(Play!)
Thanks!
The escapeJava() method of the StringEscapeUtils class in the Commons Lang library can be used to insert Java escape characters into a String. It takes the String to escape as a parameter and returns the String with Java escape characters inserted. The JavaEscapeTest class gives an example of this.
You can use a backslash to escape a formatting character: String.Format("{0:Save #\\%}", 100);
To add a space between characters of a string, call the split() method on the string to get a character array, then call the join() method on the array to join the characters with a space separator. The String split() method splits a string in an array of substrings, using the specified separator.
Escape sequences are used to signal an alternative interpretation of a series of characters. In Java, a character preceded by a backslash (\) is an escape sequence. The Java compiler takes an escape sequence as one single character that has a special meaning.
In the message String, the % sign is escaped with another %. So you will need to double it up: %%
For example: "Bla bla %i bla" -> "Bla bla %%i bla"
In the messageArgs String, there is no problem with the % sign and you don't need to escape it.
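The doubling rule from the answer above, as an added example that is not part of the original posts: user input passed as an argument needs no escaping, while user input that has already been merged into the format string must have each % doubled before String.format parses it. The class and method names (SafeErrorMessage, escapePercent, render) are hypothetical; the email value and message text are the ones from the question.

```java
import java.util.IllegalFormatException;

public class SafeErrorMessage {

    // Double every '%' so the text survives String.format as a literal.
    // Apply this only to text that ends up inside the format string.
    static String escapePercent(String text) {
        return text.replace("%", "%%");
    }

    // Format a trusted template with untrusted arguments. Arguments are
    // substituted, never parsed, so a '%' inside them is harmless.
    static String render(String template, Object... args) {
        try {
            return String.format(template, args);
        } catch (IllegalFormatException e) {
            // The template itself holds a stray '%' (for example because the
            // service already merged user input into it). Return the raw
            // text instead of failing the whole request.
            return template;
        }
    }

    public static void main(String[] argv) {
        String userInput = "orlybg%@gmail.com"; // value from the question

        // Case 1: input is an argument. No escaping is required.
        System.out.println(render("The requested email address %s is invalid", userInput));

        // Case 2: input was concatenated into the message before formatting.
        String merged = "The requested email address " + userInput + " is invalid";
        try {
            String.format(merged); // parses "%@" as a conversion and throws
        } catch (IllegalFormatException e) {
            System.out.println("unescaped message rejected: " + e);
        }
        System.out.println(String.format(escapePercent(merged)));

        // Case 3: input embedded in the template plus a separate argument.
        String template = "Rejected " + escapePercent(userInput) + ": %s";
        System.out.println(render(template, "invalid address"));
    }
}
```

The catch block in render is a fallback for messages that arrive pre-merged; keeping user input in the argument list is what prevents it from being interpreted as a format string.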