Package org.owasp.esapi.codecs
Class OracleCodec
- java.lang.Object
-
- org.owasp.esapi.codecs.AbstractCodec<java.lang.Character>
-
- org.owasp.esapi.codecs.AbstractCharacterCodec
-
- org.owasp.esapi.codecs.OracleCodec
-
- All Implemented Interfaces:
Codec<java.lang.Character>
public class OracleCodec extends AbstractCharacterCodec
Implementation of the Codec interface for Oracle strings. This function will only protect you from SQLi in the case of user data bring placed within an Oracle quoted string such as: select * from table where user_name=' USERDATA ';- Since:
- June 1, 2007
- Author:
- Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security, Jim Manico (jim@manico.net) Manico.net
- See Also:
- how-to-escape-single-quotes-in-strings,
Encoder
-
-
Constructor Summary
Constructors Constructor Description OracleCodec()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.Character
decodeCharacter(PushbackSequence<java.lang.Character> input)
Returns the decoded version of the next character from the input string and advances the current character in the PushbackSequence.java.lang.String
encodeCharacter(char[] immune, java.lang.Character c)
WARNING!!!! Passing a standard char to this method will resolve to the-
Methods inherited from class org.owasp.esapi.codecs.AbstractCharacterCodec
decode
-
Methods inherited from class org.owasp.esapi.codecs.AbstractCodec
containsCharacter, encode, encodeCharacter, encodeCharacter, getHexForNonAlphanumeric, getHexForNonAlphanumeric, toHex, toHex, toOctal
-
-
-
-
Method Detail
-
encodeCharacter
public java.lang.String encodeCharacter(char[] immune, java.lang.Character c)
WARNING!!!! Passing a standard char to this method will resolve to the Encodes ' to '' Encodes ' to ''- Specified by:
encodeCharacter
in interfaceCodec<java.lang.Character>
- Overrides:
encodeCharacter
in classAbstractCodec<java.lang.Character>
- Parameters:
immune
-c
- the Character to encode- Returns:
- the encoded Character
- See Also:
method instead of this one!!! YOU HAVE BEEN WARNED!!!!
-
decodeCharacter
public java.lang.Character decodeCharacter(PushbackSequence<java.lang.Character> input)
Returns the decoded version of the next character from the input string and advances the current character in the PushbackSequence. If the current character is not encoded, this method MUST reset the PushbackString. Returns the decoded version of the character starting at index, or null if no decoding is possible. Formats all are legal '' decodes to '- Specified by:
decodeCharacter
in interfaceCodec<java.lang.Character>
- Overrides:
decodeCharacter
in classAbstractCodec<java.lang.Character>
- Parameters:
input
- the Character to decode- Returns:
- the decoded Character
-
-