All Implemented Interfaces: com.planbase.taint.Taintable, java.io.Serializable, kotlin.Comparable

public final class Tainted implements Comparable<Tainted>, Serializable, Taintable
An immutable, untrusted java.lang.String. This allows the type system to prevent XSS errors, double-encoding, and similar errors. This cannot implement HtmlUrlStringable, Htmlable, etc. because HtmlSequence.p() is overridden to take all of those types, and we need to specify how we want this tainted string encoded - there is no one right answer.
Use the taint static factory methods to wrap all untrusted inputs. If the inputs can be null, use the taintNullable methods instead. Instead of using StringBuilder/StringBuffer with this, use TaintBuilder.
toString is overridden to surround the wrapped string with ⛔ "No Entry" road signs, which are always bold and easy to see everywhere. If you see this sign, it means you haven't encoded the data correctly for your output. It's a "make-wrong-look-wrong" thing (thank you, Joel Spolsky): https://www.joelonsoftware.com/2005/05/11/making-wrong-code-look-wrong/
This is called Tainted because that's what it's called in other programming languages and the relevant Wikipedia article is titled, "taint checking." It's fairly short (7 letters) and can't be mistaken for anything else (Taint sounds like a verb to me).

Nested Class Summary

public class Tainted.Companion

Method Summary

final Integer compareToIgnoreCase(Tainted other)
final Boolean contains(String other)
final Boolean contains(Tainted other)
final Character charAt(Integer index)
final Boolean endsWith(String str)
final Boolean endsWith(Tainted t)
final Boolean equalsIgnoreCase(Tainted other)
final Integer indexOf(String str)
final Integer indexOf(String str, Integer i)
final Integer lastIndexOf(String str)
Integer length()
    The length of the underlying String.
final Tainted lowercase(Locale locale)
final Tainted lowercase()
final Boolean matches(String regex)
final Boolean regionMatches(Integer toffset, Tainted other, Integer ooffset, Integer len, Boolean ignoreCase)
final Boolean regionMatches(Integer toffset, Tainted other, Integer ooffset, Integer len)
final Tainted replace(String s1, String s2)
final Boolean startsWith(String prefix)
final Tainted substring(Integer b)
final Tainted substring(Integer b, Integer e)
final Tainted take(Integer numItems)
    Returns the first numItems items.
final Tainted trim()
final Tainted toLowerCase(Locale locale)
final Tainted toLowerCase()
Tainted toTaintedS()
    Returns an immutable Tainted representation of the object.
String toString()
    DANGEROUS: Using this trusts user input, defeating the purpose of this class.
String unsafeRaw()
    DANGEROUS: Using this trusts user input, defeating the purpose of this class, but if you really want that, here it is.
final Tainted toUpperCase(Locale locale)
final Tainted toUpperCase()
final Long parseLong()
final String quoteAsString()
    Turns this into a valid, quoted Kotlin/Java string (good for writing to log files).
final Tainted uppercase(Locale locale)
final Tainted uppercase()
Integer hashCode()
Boolean equals(Object other)
Integer compareTo(Tainted other)

Method Detail

compareToIgnoreCase
final Integer compareToIgnoreCase(Tainted other)

equalsIgnoreCase
final Boolean equalsIgnoreCase(Tainted other)

lastIndexOf
final Integer lastIndexOf(String str)

lowercase
@JvmOverloads() final Tainted lowercase(Locale locale)

lowercase
@JvmOverloads() final Tainted lowercase()

regionMatches
@JvmOverloads() final Boolean regionMatches(Integer toffset, Tainted other, Integer ooffset, Integer len, Boolean ignoreCase)

regionMatches
@JvmOverloads() final Boolean regionMatches(Integer toffset, Tainted other, Integer ooffset, Integer len)

startsWith
final Boolean startsWith(String prefix)

take
final Tainted take(Integer numItems)
Returns the first numItems items. If numItems < 1, returns BLANK_TS. If numItems <= s.length, returns the first numItems items. Otherwise returns this unmodified.

toLowerCase
@JvmOverloads() final Tainted toLowerCase(Locale locale)

toLowerCase
@JvmOverloads() final Tainted toLowerCase()

toTaintedS
Tainted toTaintedS()
Returns an immutable Tainted representation of the object.

toString
@Deprecated(message = "This data should be encoded.", replaceWith = @ReplaceWith(imports = {}, expression = "unsafeRaw()")) String toString()
DANGEROUS: Using this trusts user input, defeating the purpose of this class. It is deprecated so that you don't call it explicitly by accident, but both Java and Kotlin will still call it implicitly.
If failSoftly is false (the default), this throws an UnsupportedOperationException. If failSoftly is true, it uses warning signs as delimiters to make errors visible.
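As an added example that is not code from com.planbase.taint, the following self-contained Kotlin sketch shows the pattern that the class description above and this toString contract rely on: an immutable wrapper for untrusted text whose only exits are an explicit, greppable unsafeRaw() and a context-specific encoder, with an implicit toString() that fails hard by default or fails visibly with ⛔ delimiters when a failSoftly flag is set. The names UntrustedText, HtmlSafe, HtmlSafe.encode, quoteForLog and the failSoftly property are hypothetical and are not the library's API; the encoding rules are ordinary HTML text-node escaping and Java-style string quoting, and the sample input is constructed.

```kotlin
// Added example, not code from com.planbase.taint: a minimal sketch of the
// taint-wrapper pattern. Every name below is hypothetical.

/** Text already encoded for an HTML text-node context. Only HtmlSafe.encode() can build one. */
class HtmlSafe private constructor(val html: String) {
    override fun toString(): String = html

    companion object {
        /** The one sanctioned path from untrusted text to HTML: escape the five significant characters. */
        fun encode(t: UntrustedText): HtmlSafe {
            val raw = t.unsafeRaw() // a legitimate, auditable use of the escape hatch
            val sb = StringBuilder(raw.length + 16)
            for (c in raw) {
                when (c) {
                    '&' -> sb.append("&amp;")
                    '<' -> sb.append("&lt;")
                    '>' -> sb.append("&gt;")
                    '"' -> sb.append("&quot;")
                    '\'' -> sb.append("&#39;")
                    else -> sb.append(c)
                }
            }
            return HtmlSafe(sb.toString())
        }
    }
}

/** Immutable wrapper for untrusted input, in the spirit of Tainted (hypothetical, simplified). */
class UntrustedText(private val raw: String) {
    companion object {
        /** false (default): an implicit toString() throws; true: it fails visibly with ⛔ delimiters. */
        var failSoftly: Boolean = false
    }

    val length: Int get() = raw.length

    /** Explicit escape hatch. Searching the code base for this name finds every place that trusts input. */
    fun unsafeRaw(): String = raw

    /** Quoted, escaped form for log files, so a newline or quote in the input cannot forge a log entry. */
    fun quoteForLog(): String {
        val sb = StringBuilder("\"")
        for (c in raw) {
            when {
                c == '\\' -> sb.append("\\\\")
                c == '"' -> sb.append("\\\"")
                c == '\n' -> sb.append("\\n")
                c == '\r' -> sb.append("\\r")
                c == '\t' -> sb.append("\\t")
                c < ' ' -> sb.append(String.format("\\u%04x", c.code))
                else -> sb.append(c)
            }
        }
        return sb.append('"').toString()
    }

    /** Implicit conversion (templates, concatenation, println) is a bug, so it must not pass silently. */
    @Deprecated("Encode this value for its output context instead.", ReplaceWith("unsafeRaw()"))
    override fun toString(): String =
        if (failSoftly) "\u26D4$raw\u26D4"
        else throw UnsupportedOperationException("untrusted text used without encoding")
}

fun main() {
    // Constructed sample input: a stored-XSS probe followed by a newline that tries to forge a log entry.
    val comment = UntrustedText("<script>alert(1)</script> \"hi\"\n2024-01-01 INFO admin logged in")

    // Right: the page only ever receives the encoded type.
    val safe: HtmlSafe = HtmlSafe.encode(comment)
    println("<p>$safe</p>")

    // Right: the log line stays a single quoted line, so the injected text cannot pass as a real entry.
    println("new comment: " + comment.quoteForLog())

    // Wrong: an implicit toString() in a template. Fails hard by default ...
    try {
        println("<p>$comment</p>")
    } catch (e: UnsupportedOperationException) {
        println("caught: ${e.message}")
    }

    // ... or, with failSoftly set, the ⛔ delimiters make the unencoded value stand out in the rendered page.
    UntrustedText.failSoftly = true
    println("<p>$comment</p>")
}
```

Making HtmlSafe's constructor private is what turns the convention into a type-system guarantee: the compiler, not a reviewer, ensures that every HtmlSafe reaching a template came through the encoder. Since the only other way out of the wrapper is unsafeRaw(), a search for that name lists every location where the program chooses to trust input, which is exactly the audit the unsafeRaw entry below recommends.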

unsafeRaw
String unsafeRaw()
DANGEROUS: Using this trusts user input, defeating the purpose of this class, but if you really want that, here it is. Tip: audit/search your project for usages of this method!

toUpperCase
@JvmOverloads() final Tainted toUpperCase(Locale locale)

toUpperCase
@JvmOverloads() final Tainted toUpperCase()

quoteAsString
final String quoteAsString()
Turns this into a valid, quoted Kotlin/Java string (good for writing to log files).

uppercase
@JvmOverloads() final Tainted uppercase(Locale locale)

uppercase
@JvmOverloads() final Tainted uppercase()