-
- All Implemented Interfaces:
-
com.planbase.taint.Taintable,java.io.Serializable,kotlin.Comparable
public final class Tainted implements Comparable<Tainted>, Serializable, Taintable
An immutable, untrusted java.lang.String. This allows the type system to prevent XSS errors, double-encoding, and similar errors. This cannot implement HtmlUrlStringable, Htmlable, etc. because HtmlSequence.p() is overridden to take all of those types, and we need to specify how we want this tainted string encoded - there is no one right answer.
Use the taint static factory methods to wrap all untrusted inputs. If the inputs can be null, use the taintNullable methods instead. Instead of using StringBuilder/StringBuffer with this, use TaintBuilder.
toString is overridden to surround the wrapped string with ⛔ "No Entry" (road signs) which are always bold and easy to see everywhere. If you see this sign, it means you haven't encoded the data correctly for your output. It's a "make-wrong-look-wrong" thing (thank you, Joel Spolsky) https://www.joelonsoftware.com/2005/05/11/making-wrong-code-look-wrong/
This is called Tainted because that's what it's called in other programming languages and the relevant Wikipedia article is titled, "taint checking." It's fairly short (7 letters) and can't be mistaken for anything else (Taint sounds like a verb to me).
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description public classTainted.Companion
-
Method Summary
Modifier and Type Method Description final IntegercompareToIgnoreCase(Tainted other)final Booleancontains(String other)final Booleancontains(Tainted other)final CharactercharAt(Integer index)final BooleanendsWith(String str)final BooleanendsWith(Tainted t)final BooleanequalsIgnoreCase(Tainted other)final IntegerindexOf(String str)final IntegerindexOf(String str, Integer i)final IntegerlastIndexOf(String str)Integerlength()The length of the underlying String final Taintedlowercase(Locale locale)final Taintedlowercase()final Booleanmatches(String regex)final BooleanregionMatches(Integer toffset, Tainted other, Integer ooffset, Integer len, Boolean ignoreCase)final BooleanregionMatches(Integer toffset, Tainted other, Integer ooffset, Integer len)final Taintedreplace(String s1, String s2)final BooleanstartsWith(String prefix)final Taintedsubstring(Integer b)final Taintedsubstring(Integer b, Integer e)final Taintedtake(Integer numItems)Returns the first numItems items. final Taintedtrim()final TaintedtoLowerCase(Locale locale)final TaintedtoLowerCase()TaintedtoTaintedS()Returns an Immutable Tainted representation of the object. StringtoString()DANGEROUS: Using this trusts user input, defeating the purpose of this class. StringunsafeRaw()DANGEROUS: Using this trusts user input, defeating the purpose of this class, but if you really want that, here it is. final TaintedtoUpperCase(Locale locale)final TaintedtoUpperCase()final LongparseLong()final StringquoteAsString()Turns this into a valid, quoted Kotlin/Java string (good for writing to log files). final Tainteduppercase(Locale locale)final Tainteduppercase()IntegerhashCode()Booleanequals(Object other)IntegercompareTo(Tainted other)-
-
Method Detail
-
compareToIgnoreCase
final Integer compareToIgnoreCase(Tainted other)
-
equalsIgnoreCase
final Boolean equalsIgnoreCase(Tainted other)
-
lastIndexOf
final Integer lastIndexOf(String str)
-
lowercase
@JvmOverloads() final Tainted lowercase(Locale locale)
-
lowercase
@JvmOverloads() final Tainted lowercase()
-
regionMatches
@JvmOverloads() final Boolean regionMatches(Integer toffset, Tainted other, Integer ooffset, Integer len, Boolean ignoreCase)
-
regionMatches
@JvmOverloads() final Boolean regionMatches(Integer toffset, Tainted other, Integer ooffset, Integer len)
-
startsWith
final Boolean startsWith(String prefix)
-
take
final Tainted take(Integer numItems)
Returns the first numItems items. If numItems < 1, returns BLANK_TS. If numItems <= s.length returns the first n items. Else returns this unmodified.
-
toLowerCase
@JvmOverloads() final Tainted toLowerCase(Locale locale)
-
toLowerCase
@JvmOverloads() final Tainted toLowerCase()
-
toTaintedS
Tainted toTaintedS()
Returns an Immutable Tainted representation of the object.
-
toString
@Deprecated(message = "This data should be encoded.", replaceWith = @ReplaceWith(imports = {}, expression = "unsafeRaw()")) String toString()
DANGEROUS: Using this trusts user input, defeating the purpose of this class. This is deprecated, so you don't do so explicitly and accidentally, but Java and Kotlin will both call this method implicitly.
If failSoftly is false (the default) throws an UnsupportedOperationException. If failSoftly is true, uses warning signs as delimiters to make errors visible.
-
unsafeRaw
String unsafeRaw()
DANGEROUS: Using this trusts user input, defeating the purpose of this class, but if you really want that, here it is. Tip: audit/search your project for usages of this method!
-
toUpperCase
@JvmOverloads() final Tainted toUpperCase(Locale locale)
-
toUpperCase
@JvmOverloads() final Tainted toUpperCase()
-
quoteAsString
final String quoteAsString()
Turns this into a valid, quoted Kotlin/Java string (good for writing to log files).
-
uppercase
@JvmOverloads() final Tainted uppercase(Locale locale)
-
uppercase
@JvmOverloads() final Tainted uppercase()
-
-
-
-