All geek questions in one place

Are string parameters usually automatically escaped in web services?

Today I found out that a simple %inside string parameter passed from client to server results in Bad Request 400.

Since I have basic knowledge with web services, I don't know if this is normal behavior. Am I missing something (is it my responsibility to avoid strings?), Or should I look somewhere else?

Client Code:

@WebMethod(operationName = "push", action = "urn:Push")
public boolean push(String msg);

Server Code:

@XmlRootElement(name = "push", namespace = "http://ws.something.com/")
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "push", namespace = "http://ws.something.com/", propOrder = {"arg0"})
public class Push {

    @XmlElement(name = "arg0")
    private java.lang.String arg0;

    public java.lang.String getArg0() {
        return this.arg0;
    }

    public void setArg0(java.lang.String newArg0)  {
        this.arg0 = newArg0;
    }
}

Note:

This client / server pair works fine locally on our development host server, even with an %inside line parameter. However, this results Bad Request 400in a different host server. Thus, this may be related to the server environment. If so, I would like to get a hint of what might cause this.

+4
2

, . .

    String test = new String("%");
    System.out.println(test);
    byte[] byteArray = test.getBytes("UTF-16");
    test = new String(byteArray);
    System.out.println(test);

, , .

. https://docs.oracle.com/javase/7/docs/api/java/nio/charset/Charset.html

+1

. Java .

: https://docs.oracle.com/javase/7/docs/api/java/net/URLEncoder.html : https://docs.oracle.com/javase/7/docs/api/java/net/URLDecoder.html

import java.net.URLEncoder;
...
public java.lang.String getArg0() {
    return URLEncoder.encode(this.arg0);
}
-1

Source: https://habr.com/ru/post/1654149/

More articles:


All Articles