I'm coming from this question.
The following code does not work well:
public static void main(String[] args) throws Exception {
for (int i = 0; i < 15; i++)
{
String google = "http://ajax.googleapis.com/ajax/services/search/web?v=1.0&q=";
String search = "test";
String charset = "UTF-8";
URL url = new URL(google + URLEncoder.encode(search, charset));
Reader reader = new InputStreamReader(url.openStream(), charset);
GoogleResults results = new Gson().fromJson(reader, GoogleResults.class);
// Show title and URL of 1st result.
System.out.println(results.getResponseData().getResults().get(0).getTitle());
System.out.println(results.getResponseData().getResults().get(0).getUrl());
}
}
The search query works fine if I run it one time, however in this loop I get a null pointer exception.
Unfortunately I need my program to make several queries :( What can I do?
It returns a NullPointerException at the first results.getResponseData.
This is happening because Google actively blocks suspected terms of service abuse. See section 5.3 here:
http://www.google.com/accounts/TOS
If Google detects that you are issuing search requests via a program without their consent, they don't send back results. Your JSON response will contain this:
{"responseData": null, "responseDetails": "Suspected Terms of Service Abuse. Please see http://code.google.com/apis/errors", "responseStatus": 403}
Check to make sure results and other contained objects are not null before you use them.
if ((results != null) && (results.getResponseData() != null) &&
(results.getResponseData().getResults() != null) &&
(results.getResponseData().getResults().get(0) != null)) {
// Show title and URL of 1st result.
System.out.println(results.getResponseData().getResults().get(0).getTitle());
System.out.println(results.getResponseData().getResults().get(0).getUrl());
}
Related
I am using the below code for sanitizing the JSON but still, I am getting the JSON injection while scanning from Fortify can you please help me out what is the problem or this is not an issue, maybe suppress. I have also looked out for the same question but those don't solve my problem . my problem is that I am sanitizing my JSON before converting it to java object but still I am getting JSON injection error in fortify
public String handleEventMessage(String jsonRequest) {
MonerisPaymentDetailsObject paymentObject = null;
if(null!=jsonRequest && jsonRequest.length()>0){
try{
paymentObject = mapper.readValue(JsonSanitizer.sanitize(jsonRequest), MonerisPaymentDetailsObject.class);
}catch(Exception ex){
logger.error("Error occured while converting MonerisPaymentDetailsObject json to Object :" , ex);
}
return "abc";
}
Fortify giving below description for this error
1. Data enters a program from an untrusted source.
In this case the data enters at readLine() in EPWFPaymentServicesServlet.java at line 49.
2. The data is written to a JSON stream.
In this case the JSON is written by readValue() in EPWFMonerisPaymentsServiceHandler.java at line 46.
EPWFPaymentServicesServlet.java code where data is entered
#Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
CodeTimer timer = new CodeTimer("EPWFPaymentServicesServlet.doPost()", true);
response.setContentType("text/xml");
BufferedReader reader = new BufferedReader(new InputStreamReader(request.getInputStream()));
StringBuffer requestBuffer = new StringBuffer(request.getContentLength());
String line = null;
while ((line = reader.readLine()) != null) {
requestBuffer.append(line).append('\n');
}
// read the POST request contents
String requestString = requestBuffer.toString();
if (logger.isDebugEnabled()) {
logger.debug("EPWF Payment Service POST Request: \n" + ((requestString == null) ? "Null" : requestString.substring(0, 9)));
}
PaymentServiceHandlerComposit paySvcHandler = new PaymentServiceHandlerComposit();
String responseString =paySvcHandler.handleEventMessage(requestString);//line no 49 where fortify is giving description for class where i am sanitizing the data
if (logger.isDebugEnabled()) {
logger.debug("EPWF Payment Service POST Response: \n" + ((responseString == null) ? "Null" : requestString));
}
response.getOutputStream().print(responseString);
timer.stopAndLogTiming("");
}
Given that you are using a new up-to-date version of jackson, there should be no need to pre-sanitise or alter your data at all before handing it off to jackson.
Jackson will only accept and parse valid JSON, as new exploits and vulnerabilities are discovered, the maintainers of Jackson fix and release new versions. and the best you can do is to keep up to date with these versions.
If the above conditions are met, you can safely suppress this error from fortify, the chance that there is a bug in your custom sanitizer is way higher than the chance of there being one in Jackson
I am using the java speech recognition API - Jarvis located at https://github.com/lkuza2/java-speech-api
However when I run my application, I get an error : Server returned HTTP response code: 400 for URL: https://www.google.com/speech-api/v1/recognize?xjerr=1&client=chromium&lang=en-US&maxresults=1 (This is the URL that this api uses to get response from Google)
I also created a API key as mentioned in the earlier posts and tried to use the url (this is version 2 API): www.google.com/speech-api/v2/recognize?output=json&lang=en-US&key=MYKey". But in this case I get a null response from Google.
Can anybody please tell me how to get around this?
I change some things from the Recognizer class:
I change the GOOGLE_RECOGNIZER_URL constant to:
private static final String GOOGLE_RECOGNIZER_URL = "https://www.google.com/speech-api/v2/recognize?output=json&lang=en-us&key=YOUR_KEY";
Then I changed this method because the response data have 2 lines
private String rawRequest(File inputFile, int maxResults, int sampleRate) throws IOException
The first line (the one that is read and sent) is null (i don¡t really know why) and the second line has the response of the speech recognized. For this you must read the second line (don't know if there is a nicer way):
String response = br.readLine();
response = br.readLine();
br.close();
return response;
Then I change this method, I think it was using the v1 URL response or something because this method looks for utterance in the json response and there is none utterance key.
private void parseResponse(String rawResponse, GoogleResponse googleResponse)
if (rawResponse == null)
return;
JSONObject jsonObject = new JSONObject(rawResponse);
JSONArray jsonArray= (JSONArray) jsonObject.get("result");
JSONArray jsonArrayResult = (JSONArray) jsonArray.getJSONObject(0).get("alternative");
googleResponse.setResponse(jsonArrayResult.getJSONObject(0).get("transcript").toString());
googleResponse.setConfidence(jsonArrayResult.getJSONObject(0).get("confidence").toString());
I'm new with the json library so it might be a better and shorter way but this worked for me!
String response = javax.swing.JOptionPane.showInputDialog("Enter new database name:");
This throws a null pointer error if the user x's out of the optionpane
Firstly, why can't response hold a null value?
secondly, how do i handle this?
full code:
String response = javax.swing.JOptionPane.showInputDialog("Enter new database name:").trim() + ".xml";
if(response != null){
File newData = new File("src\\golfdatabase\\Databases\\" + response);
try {
newData.createNewFile();
databaseComboBox.addItem(response);
} catch (IOException ex) {
Logger.getLogger(GolfDriver.class.getName()).log(Level.SEVERE, null, ex);
}
databaseComboBox.setSelectedItem(response);
disableButtonsNullList(false);
}
You have to check the return value for null and then invoke the method trim
String response = javax.swing.JOptionPane.showInputDialog("Enter new database name:");
if(response!=null)
response = response.trim()+".xml";
It gives null back when you click on "Cancel" try something like that:
String response = javax.swing.JOptionPane.showInputDialog("Enter new database name:");
if(response != null){
response = response.trim() + ".xml";
}
Take note that: String response = JOptionPane.showInputDialog(....);
Would have been enough to create the JOptionPane.
Firstly: Yes responses CAN hold a null value, but your code snippet does not show how you handle the responses so there is no way for me to tell why it is throwing them.
Secondly: That again depends on how you are handling the responses, please elaborate more on your code.
EDIT: try adding a String cast as the java tutorial suggests you do:
http://docs.oracle.com/javase/tutorial/uiswing/components/dialog.html
EDIT2: While Octopus found the problem in a piece of code (that I shamefully overlooked) please keep in mind the above points because they still hold true.
I am using JavaMail to receive mails.
At first,I develop under Mac OS X.The example I found from Internet seems like this:
public void getMailContent(Part part) throws Exception {
String contenttype = part.getContentType();
int nameindex = contenttype.indexOf("name");
boolean conname = false;
if (nameindex != -1)
conname = true;
System.out.println("CONTENTTYPE: " + contenttype);
if (part.isMimeType("text/plain") && !conname) {
bodytext.append((String) part.getContent());
} else if (part.isMimeType("text/html") && !conname) {
bodytext.append((String) part.getContent());
} else if (part.isMimeType("multipart/*")) {
Multipart multipart = (Multipart) part.getContent();
int counts = multipart.getCount();
for (int i = 0; i < counts; i++) {
getMailContent(multipart.getBodyPart(i));
}
} else if (part.isMimeType("message/rfc822")) {
getMailContent((Part) part.getContent());
} else {}
}
But I found it don't work.The return value is a extends of InputStream.
So I use this to solve the problem.
InputStreamReader isr = new InputStreamReader((InputStream) part.getContent(), language);
BufferedReader br = new BufferedReader(isr);
String line = null;
StringBuilder sb = new StringBuilder();
while ((line = br.readLine()) != null) {
sb.append(line).append("\n");
}
result = MimeUtility.decodeText(sb.toString());
But recently,I got a new pc and run the code above under Windows 7,It don't work also.The exception is java.lang.String cannot be cast to java.io.InputStream.The part.getContent() returns a String as the example on internet.
I just don't know the reason.And how to run is properly on both mac and windows or any way to avoid this issue and get the content of the part.
Thanks.
I faced the same problem, found the reason (though, I suppose, this is not necessarily the only reason that may lead to the problem), and fixed it, so I decided to post the solution.
In my case, I was building Android application. In Android, some classes are missing in its javax.security package, so the asmack helper package was used, and JavaMail library has been built from sources.
The problem was, that I did not pack required resources into the javamail jar. Specifically, the following files should be packed while exporting the jar:
dsn.mf
javamail.charset.map
javamail.default.address.map
javamail.default.providers
javamail.imap.provider
javamail.pop3.provider
javamail.smtp.address.map
javamail.smtp.provider
mailcap
After the fix, I'm getting properly decoded content just from the getContent method. The clue was found on this page.
Scanner sc=new Scanner(contenttype);
while(sc.hasNext()){
sc.next();
}
use this piece of code.....modify according to your need....and you dont need to do the typecasting.
I solved my own problem by using instanceof, though I still don't know why this works.
Hi I've set up a java app. and I can connect and such and my facebook session validates.
I can get the person signed in id and the info etc. but the app that I am using I cant get to the content.
I've tried it with my own id and using it but facebook seems to spit back a whole lot of garbage that I am assuming that its thinking that I am some kind of bot or spider... as the term spider is referenced a couple times in that garbage.
my code is as follows
public class m extends WebPage {
public m() {
FaceBookSession session = (FaceBookSession) getSession();
String contents = "";
System.err.println("*****************************************************************");
System.err.println("id ==================" + session.getId());
System.err.println("name ==================" + session.getUserName());
try {
URL aURL = new URL("http://apps.facebook.com/<___>/profile.php?snuid=<__>");
URLConnection aURLc = aURL.openConnection();
BufferedReader in = new BufferedReader(new InputStreamReader(aURLc.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null) {
contents = contents + " <br> " + inputLine;
System.out.println(inputLine);
}
in.close();
} catch (Exception e) {
e.printStackTrace();
}
this.add(new Label("username", session.getId()));
this.add(new Label("user", session.getUserName()));
this.add(new Label("id", contents));
System.err.println("*****************************************************************");
Is there something that I can do? I've tried this with myself and my account and I am logged into facebook and using the app in question. but when I run this program I cant gain access to the application im usings page to pull the content.
I just want to be able to access all my applications that I am using and display their contents/page all together on one single page.
[EDIT] - I'm pretty sure the problem is to do with that the program isn't emulating a browser or something like that, cookies etc. that the program doesnt pass the info needed or sommething. maybe there is a way to "log in" via a java program first then proceed to the wanted page.
Cheers for any help