View Javadoc
1   package org.apache.turbine.util;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import java.util.Date;
23  import java.util.Locale;
24  import java.util.TimeZone;
25  import java.util.regex.Matcher;
26  import java.util.regex.Pattern;
27  
28  import org.apache.commons.lang3.time.FastDateFormat;
29  import org.apache.turbine.Turbine;
30  import org.apache.turbine.pipeline.PipelineData;
31  
32  import jakarta.servlet.http.HttpServletResponse;
33  
34  /**
35   * This class provides utilities for handling some semi-trivial HTTP stuff that
36   * would otherwise be handled elsewhere.
37   *
38   * @author <a href="mailto:magnus@handpoint.com">Magnús Þór Torfason</a>
39   * @version $Id$
40   */
41  public class HttpUtils
42  {
43      /**
44       * Characters not allowed in external keys (name), that is not alphanumeric, underscore, hyphen, slash and dot.
45       * Validates only external key (name), as internal key may also contain colon and space.
46       */
47      private static final String CHARACTERS_NOT_ALLOWED_IN_KEY = "[^\\w_/\\.-]";
48      
49      private static final Pattern CNAIK_PATTERN = Pattern.compile(CHARACTERS_NOT_ALLOWED_IN_KEY);
50      /**
51       * The date format to use for HTTP Dates.
52       */
53      private static FastDateFormat httpDateFormat = FastDateFormat.getInstance(
54                  "EEE, dd MMM yyyy HH:mm:ss z",
55                  TimeZone.getTimeZone("GMT"),
56                  Locale.US);
57  
58      /**
59       * Formats a java Date according to rfc 1123, the rfc standard for dates in
60       * http.
61       *
62       * @param date The Date to format
63       * @return A String representation of the date
64       */
65      public static String formatHttpDate(Date date)
66      {
67          return httpDateFormat.format(date);
68      }
69  
70      /**
71       * This method sets the required expiration headers in the response for a
72       * given {@link PipelineData} object.  This method attempts to set all relevant headers,
73       * both for HTTP 1.0 and HTTP 1.1.
74       *
75       * @param pipelineData The {@link PipelineData} object we are setting cache information for.
76       * @param expiry The number of milliseconds until the document should expire,
77       * <code>0</code> indicating immediate expiration (i.e. no caching).
78       */
79      public static void setCacheHeaders(PipelineData pipelineData, int expiry)
80      {
81          HttpServletResponse response = pipelineData.get(Turbine.class, HttpServletResponse.class);
82  
83          if (0 == expiry)
84          {
85              response.setHeader("Pragma", "no-cache");
86              response.setHeader("Cache-Control", "no-cache");
87              response.setDateHeader("Expires", System.currentTimeMillis());
88          }
89          else
90          {
91              response.setDateHeader("Expires", System.currentTimeMillis() + expiry);
92          }
93      }
94      
95      /**
96       * Check, if there is any not allowed {@value #CHARACTERS_NOT_ALLOWED_IN_KEY}
97       * in parameters, eg. Turbine keys like actions, screens, layouts.
98       * 
99       * @param parameter or key to be checked
100      * @return True, if it contains any non allowed characters
101      */
102     public static boolean keyRequiresClean(String parameter) {
103         Matcher testMatcher = CNAIK_PATTERN.matcher(parameter);
104         return testMatcher.find();
105     }
106     
107     /**
108      * Cleans parameter/key from disallowed characters defined in {@link #CHARACTERS_NOT_ALLOWED_IN_KEY}.
109      * 
110      * @param parameter to be cleaned
111      * @return the cleaned parameter
112      */
113     public static String getCleanedKey(String parameter) {
114         return parameter.replaceAll(CHARACTERS_NOT_ALLOWED_IN_KEY,"");
115     }
116     
117 }