001    /**
002     *  Licensed to the Apache Software Foundation (ASF) under one or more
003     *  contributor license agreements.  See the NOTICE file distributed with
004     *  this work for additional information regarding copyright ownership.
005     *  The ASF licenses this file to You under the Apache License, Version 2.0
006     *  (the "License"); you may not use this file except in compliance with
007     *  the License.  You may obtain a copy of the License at
008     *
009     *     http://www.apache.org/licenses/LICENSE-2.0
010     *
011     *  Unless required by applicable law or agreed to in writing, software
012     *  distributed under the License is distributed on an "AS IS" BASIS,
013     *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     *  See the License for the specific language governing permissions and
015     *  limitations under the License.
016     */
017    package org.apache.geronimo.kernel.util;
018    
019    // import java.io.IOException;
020    import java.util.ArrayList;
021    import java.util.List;
022    import java.util.regex.Matcher;
023    import java.util.regex.Pattern;
024    
025    import org.apache.commons.logging.Log;
026    import org.apache.commons.logging.LogFactory;
027    
028    /**
029     * Utility functions related to Input validation.
030     *
031     * @version $Rev: 758274 $ $Date: 2009-03-25 22:40:27 +0800 (Wed, 25 Mar 2009) $
032     */
033    public class InputUtils {
034        private static final Log log = LogFactory.getLog(InputUtils.class);
035    
036        private static final Pattern ILLEGAL_CHARS = Pattern.compile("[\\.]{2}|[<>:\\\\/\"\'\\|]");
037    
038        public final static void validateSafeInput(String input) {
039            // look for illegal chars in input
040            if (input != null) {
041                Matcher inputMatcher = ILLEGAL_CHARS.matcher(input);
042                if (inputMatcher.find()) 
043                {
044                    log.warn("Illegal characters detected in input" + input);
045                    throw new IllegalArgumentException("input  "+input+" contains illegal characters: .. < > : / \\ \' \" | ");
046                }
047            }
048        }
049    
050        public final static void validateSafeInput(ArrayList<String> inputs) {
051            for (String input : inputs) {
052                validateSafeInput(input);
053            }
054        }
055    }