Java String Sanitize sanitizeForLogMessage(String unsanitizedString)

Description

Sanitizes the log message, only allow br element and span element with class attribute equals to "bold" or "text-danger".

License

Open Source License

Declaration

public static String sanitizeForLogMessage(String unsanitizedString)

Method Source Code

//package com.java2s;
//License from project: Open Source License 

public class Main {
    /**/*from w w  w . ja  v  a  2  s  .  co m*/
     * Sanitizes the log message, only allow br element and span element with class attribute equals to
     * "bold" or "text-danger". Convert other special characters into HTML-safe equivalents.
     */
    public static String sanitizeForLogMessage(String unsanitizedString) {
        if (unsanitizedString == null) {
            return null;
        }
        return unsanitizedString
                .replaceAll(
                        "<(?!(/?(span( class=\"(bold|text-danger)\")?|br)>))",
                        "&lt;")
                .replaceAll(
                        "(?<!(</?(span( class=\"(bold|text-danger)\")?|br)))>",
                        "&gt;")
                .replaceAll(
                        "(?<!<span class=(\"(bold|text-danger))?)\"(?!>)",
                        "&quot;")
                .replaceAll("(?<!<)/(?!(span|br)>)", "&#x2f;")
                .replace("'", "&#39;")
                //To ensure when apply sanitizeForHtml for multiple times, the string's still fine
                //Regex meaning: replace '&' with safe encoding, but not the one that is safe already
                .replaceAll(
                        "&(?!(amp;)|(lt;)|(gt;)|(quot;)|(#x2f;)|(#39;))",
                        "&amp;");
    }
}

Java String Sanitize sanitizeForLogMessage(String unsanitizedString)

Description

License

Declaration

Method Source Code

Related