Annotation Interface NoTrim
By default, the OG4Dev Spring API Response library automatically trims leading and trailing whitespace from all string fields during JSON deserialization for data quality and security. This annotation allows you to opt-out of automatic trimming for specific fields where preserving the original whitespace is critical.
Important: Even when @NoTrim is applied, XSS validation (HTML tag detection)
is still performed on the field value to maintain security.
Use Cases
- Password fields: Users may intentionally include leading/trailing spaces in passwords
- Code snippets: Preserving exact spacing in source code or formatted text
- Base64-encoded data: Encoded strings that must not be modified
- Whitespace-sensitive data: Any field where original formatting matters
- API tokens/keys: Security credentials that should be processed exactly as provided
Example Usage
public class UserDTO {
private String username; // Trimmed automatically: " john " → "john"
private String email; // Trimmed automatically: " [email protected] " → "[email protected]"
@NoTrim
private String password; // NOT trimmed: " pass123 " → " pass123 "
@NoTrim
private String bio; // NOT trimmed: preserves formatting
}
Security Considerations
Even with @NoTrim, all string values are still validated for XSS attacks.
The following will still be rejected:
{"password": "<script>alert('XSS')</script>"} // Rejected: Contains HTML tags
{"bio": "Hello <b>World</b>"} // Rejected: Contains HTML tags
How It Works
This annotation is processed by the AdvancedStringDeserializer in
ApiResponseAutoConfiguration.strictJsonCustomizer().
The deserializer uses ValueDeserializer.createContextual(tools.jackson.databind.DeserializationContext, tools.jackson.databind.BeanProperty)
to detect the annotation and create a specialized instance that skips trimming.
- Since:
- 1.2.0
- Version:
- 1.2.0
- Author:
- Pasindu OG
- See Also: