I am using struts 1.2.
I need to design a validation that reject characters %,/,?,<,>.
As you can identify last two characters need to be escaped but I am unable to find any specific rules of regex in struts.
String str; //the string to check - load it up with the value from the form
....
if(str.contains("%") || str.contains("/") || str.contains("?") || str.contains("<") || str.contains(">")){
//string contains invalid chars
}else{
//string contains vaild chars
}
No regex involved, and no need to escape chars :) - although there may be better ways of doing it.
This might help you
<constant>
<!--All characters except < > " ' & % ; | and ~-->
<constant-name>allchars</constant-name>
<constant-value>^[^<>"'&%;|~]*$</constant-value>
</constant>
Related
I have the following regular expression that I'm using to remove the dev. part of my URL.
String domain = "dev.mydomain.com";
System.out.println(domain.replaceAll(".*\\.(?=.*\\.)", ""));
Outputs: mydomain.com but this is giving me issues when the domains are in the vein of dev.mydomain.com.pe or dev.mydomain.com.uk in those cases I am getting only the .com.pe and .com.uk parts.
Is there a modifier I can use on my regex to make sure it only takes what is before the first . (dot included)?
Desired output:
dev.mydomain.com -> mydomain.com
stage.mydomain.com.pe -> mydomain.com.pe
test.mydomain.com.uk -> mydomain.com.uk
You may use
^[^.]+\.(?=.*\.)
See the regex demo and the regex graph:
Details
^ - start of string
[^.]+ - 1 or more chars other than dots
\. - a dot
(?=.*\.) - followed with any 0 or more chars other than line break chars as many as possible and then a ..
Java usage example:
String result = domain.replaceFirst("^[^.]+\\.(?=.*\\.)", "");
Following regex will work for you. It will find first part (if exists), captures rest of the string as 2nd matching group and replaces the string with 2nd matching group. .*? is non-greedy search that will match until it sees first dot character.
(.*?\.)?(.*\..*)
Regex Demo
sample code:
String domain = "dev.mydomain.com";
System.out.println(domain.replaceAll("(.*?\\.)?(.*\\..*)", "$2"));
domain = "stage.mydomain.com.pe";
System.out.println(domain.replaceAll("(.*?\\.)?(.*\\..*)", "$2"));
domain = "test.mydomain.com.uk";
System.out.println(domain.replaceAll("(.*?\\.)?(.*\\..*)", "$2"));
domain = "mydomain.com";
System.out.println(domain.replaceAll("(.*?\\.)?(.*\\..*)", "$2"));
output:
mydomain.com
mydomain.com.pe
mydomain.com.uk
mydomain.com
I would like to find a pattern where [^#$%_-]COMMENT should be true and string "COMMENT" should also be true.
Case 1 : #COMMENT true
Case 2 : #COMMENT false
Case 3 : COMMENT true
For Case 3 i am getting false
My regular expression is [^#\'\"$%_-|]COMMENT
Try a lookbehind assertion (?<![#$%'_"-])COMMENT
Stringed "(?<![#$%'_\"-])COMMENT"
If you actually want to match the character before, as well as comment,
it would be this \S?(?<![#$%_-])COMMENT
Stringed "\\S?(?<![#$%'_\"-])COMMENT"
Load up the class with [stuff not allowed].
When you use the class inside a negative assertion, you don't need the
negated class [^] anymore since it is positively addressed as not allowed
via a negative assertion.
You can use this.
^[^#$%-]?COMMENT$
[^#$%-]? -> not contain any of these characters.
String c1 = "#COMMENT";
String c2 = "#COMMENT";
String c3 = "COMMENT";
System.out.println(c1.matches("^[^#$%-]?COMMENT$"));
System.out.println(c2.matches("^[^#$%-]?COMMENT$"));
System.out.println(c3.matches("^[^#$%-]?COMMENT$"));
the corrrect java regex for our case would be
String regex = "[^#\'\\"\$%\-|]COMMENT"
You can test the output at regex101
I am passing a String value in a URL
eg: http://localhost:8080/webservice/useradmin/a%bghijlk123/0978+gh
The String "ab%ghijlk123/0978+gh" breaks the URL.
What are the available options to overcome this.
Is encoding the string the only option? There must be minimal code change. Any server side configurations can be used to achieve this?
Kindly provide suggestions please.
Is encoding the string the only option?
It is the only correct option.
Use URLEncoder.encode("ab%ghijlk123/0978+gh", "UTF-8"),
which will give you ab%25ghijlk123%2F0978%2Bgh, for a full URL of:
http://localhost:8080/webservice/useradmin/ab%25ghijlk123%2F0978%2Bgh
The URL http://localhost:8080/webservice/useradmin/a%bghijlk123/0978+gh is invalid.
The URL specification (RFC3986) says that path segments (the values separated by a /) may only consist of:
ALPHA: "a"-"z", "A"-"Z"
DIGIT: "0"-"9"
Special chars: - . _ ~ ! $ & ' ( ) * + , ; = : #
pct-encoded: "%" HEXDIG HEXDIG
Values that has to be disallowed because they have other meanings are: / (path separator), ? (start of query), # (start of fragment), and % (start of 2-digit hex encoded char).
As you can see, the % sign is only allowed as a percent-encoded character, so %bg makes the URL invalid.
If the part after the useradmin/ is supposed to be the value ab%ghijlk123/0978+gh, then it must be encoded as shown above.
If the server rejects that as "400:Bad request", then the server is in error.
I use java and a regexp.
I've made a regexp for password validation :
String PASSWORD_PATTERN_ADVANCED = "^(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\\\\##$¤£µ§%&<>,.!:?;~{-|`'_^¨éèçàù)=}()°\"\\]\\[²³*/+]).{8,20}$";
or without the extra slash :
^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\\##$¤£µ§%&<>,.!:?;~{-|`'_^¨éèçàù)=}()°"\]\[²³*/+]).{8,20}$
whuch means (i may be wrong): at least one digit / at least one lowercase / at least one uppercase / at least one of the special chars listed / with a minimum total length of 8 and a max of 20...
made a test case generating password for success and failure...
success -> OK, all passed
failure -> Almost OK ...
The only password that fails to fail :D are the ones with space in it like :
iF\ !h6 2A3|Gm
¨I O7 gZ2%L£k vd~39
2< A Uw a7kEw6,6S^
cC2c5N#
6L kIw~ Béj7]5
ynRZ #44ç
9A `sè53Laj A
s²R[µ3 9UrR q8n
I am puzzled.
Any thoughts to make it works ?
Thanks
A regex may not be the right tool for the job here.
Regexes are best suited for matching patterns; what you're describing isn't really a pattern, per se; it's more of a rule set. Sure, you may be able to create some regex that helps, but it's a really complex and opaque piece of code which make maintenance a challenge.
A method like this might be a better fit:
public boolean isValidPassword(String password) {
boolean containsLowerCase;
boolean containsUpperCase;
boolean containsInvalid;
boolean containsSpecialChar;
boolean containsDigit;
for(char c: password.toCharArray()) {
containsLowerCase ||= Character.isLowerCase(c);
containsUpperCase ||= Character.isUpperCase(c);
containsDigit ||= Character.isDigit(c);
containsSpecialChar ||= someMethodForDetectingIfItIsSpecial(c);
}
return containsLowerCase &&
containsUpperCase &&
containsSpecialChar &&
containsDigit &&
!containsInvalid &&
password.length >=8 && password.length <=20;
}
You'd need to decide the best way to detect a special character (specialCharArray.contains(c), regular expression, etc).
However, this approach would make adding new rules a lot simpler.
I may be wrong but if you simply don't want spaces then use [^\\s] instead of . in your lookahead.
String PASSWORD_PATTERN_ADVANCED =
"^(?=[^\\s]*\\d)"
+ "(?=[^\\s]*[a-z])"
+ "(?=[^\\s]*[A-Z])"
+ "(?=[^\\s]*[\\\\##$¤£µ§%&<>,.!:?;~{-|`'_^¨éèçàù)=}()°\"\\]\\[²³*/+])"
+ ".{8,20}$";
None of your conditions are stating what can't be in the password, only what must. You need one more condition that combines all the possible valid characters and makes sure all characters in the password are in that list (i.e., (\d|[a-z]|[A-Z]|##$...){8,20} as the final condition). Either that or a list of rejected characters.
I need to split up a string according to multiple tokens which also may have multiple charecter like given bellow,
word1:word2|word3||word4|word5|||word6|word7
I need to token the above string according to ':', '|', '||', '|||'.
Is it possible with StringTokenizer or else what is the code to tokenize it using Regular Expression split??.. Remember, i also need the token in the resulted array...
You can use the StringUtils Lang API.
Please find the Javadocs for the same here.
It has the following methods -
Substring/Left/Right/Mid - null-safe substring extractions
SubstringBefore/SubstringAfter/SubstringBetween - substring extraction relative to other strings
This is possible with StringTokenizer. But this has to be multi-step process.
Obviously, you can split the String like this:
line.split ("[:|]+")
res113: Array[java.lang.String] = Array(word1, word2, word3, word4, word5, word6, word7)
But what were the delimiters? Well - obviously the opposite:
line.split ("[^:|]+")
res114: Array[java.lang.String] = Array("", :, |, ||, |, |||, |)
I dont know if any API available.you can solve like below.
steps should be.
1.take String
2.define regex to be replaced //you should know them in advance
3.loop all expressions
4.replace every expression with Space.
5.now you can use String tokenizer.
String str="word1:word2|word3||word4|word5|||word6|word7";
String[] tokens={"[:]","[|]{3}","[|]{2}","[|]"};
for (int i = 0; i < tokens.length; i++) {
str=str.replaceAll(tokens[i], " ");
System.out.println(str);
}