Class SqlParameterEncoder


  • public class SqlParameterEncoder
    extends java.lang.Object
    Provides custom encoding and escaping functions for use by the JDBCQueryBuilder. Proper encoding and escaping reduce the likelihood of SQL injection when the query builder is called via the REST layer.
    • Method Summary

      Modifier and Type          Method                                                                                                                            Description
      static java.lang.String    encode(java.lang.String parameter)
      static java.lang.String    encode(java.lang.String parameter, java.lang.String defaultEscapeCharacter, java.lang.String blackListCharactersRegex)
      java.lang.String           encodeParameter(java.lang.String parameter)
      java.lang.String           getEscapeCharacter()
      • Methods inherited from class java.lang.Object

        clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • DEFAULT_ESCAPE_CHARACTER

        public static final java.lang.String DEFAULT_ESCAPE_CHARACTER
        See Also:
        Constant Field Values
    • Constructor Detail

      • SqlParameterEncoder

        public SqlParameterEncoder()
      • SqlParameterEncoder

        public SqlParameterEncoder(java.lang.String escapeCharacter,
                                   java.lang.String blackListCharactersRegex)
    • Method Detail

      • encodeParameter

        public java.lang.String encodeParameter(java.lang.String parameter)
      • getEscapeCharacter

        public java.lang.String getEscapeCharacter()
      • encode

        public static java.lang.String encode(java.lang.String parameter)
      • encode

        public static java.lang.String encode(java.lang.String parameter,
                                              java.lang.String defaultEscapeCharacter,
                                              java.lang.String blackListCharactersRegex)