1. import java.util.HashMap;
  2. import java.util.Map;
  3. import java.util.logging.Logger;
  5. public class QueryStringValidator {
  7. private static final Logger logger = Logger.getLogger(QueryStringValidator.class.getName());
  9. public static String validateQueryString(String queryString, Map<String, String> allowedParameters) {
  10. if (queryString == null || queryString.isEmpty()) {
  11. logger.warning("Query string is null or empty.");
  12. return ""; // Or handle as appropriate for your use case
  13. }
  15. Map<String, String> parsedParams = parseQueryString(queryString);
  17. for (Map.Entry<String, String> entry : parsedParams.entrySet()) {
  18. String paramName = entry.getKey();
  19. String paramValue = entry.getValue();
  21. if (!allowedParameters.containsKey(paramName)) {
  22. logger.error("Invalid query parameter: " + paramName + " with value: " + paramValue);
  23. return ""; // Or handle as appropriate. Could return null, throw exception, etc.
  24. }
  26. // Optionally add validation logic for the parameter value here
  27. // Example: if (paramName.equals("age") && !isValidAge(paramValue)) { ... }
  28. }
  30. return queryString; // Return the original query string if all parameters are valid.
  31. }
  33. private static Map<String, String> parseQueryString(String queryString) {
  34. Map<String, String> params = new HashMap<>();
  35. if (queryString != null && !queryString.isEmpty()) {
  36. String[] pairs = queryString.split("&");
  37. for (String pair : pairs) {
  38. String[] parts = pair.split("=");
  39. if (parts.length == 2) {
  40. String paramName = parts[0];
  41. String paramValue = parts[1];
  42. params.put(paramName, paramValue);
  43. }
  44. }
  45. }
  46. return params;
  47. }
  49. public static void main(String[] args) {
  50. // Example usage
  51. Map<String, String> allowedParams = new HashMap<>();
  52. allowedParams.put("id", "true");
  53. allowedParams.put("name", "test");
  55. String queryString1 = "id=true&name=test&extra=value";
  56. String queryString2 = "id=true&name=test";
  57. String queryString3 = "id=true&name=test&age=30"; //age is not allowed
  59. String validatedQueryString1 = validateQueryString(queryString1, allowedParams);
  60. String validatedQueryString2 = validateQueryString(queryString2, allowedParams);
  61. String validatedQueryString3 = validateQueryString(queryString3, allowedParams);
  63. System.out.println("Validated Query String 1: " + validatedQueryString1);
  64. System.out.println("Validated Query String 2: " + validatedQueryString2);
  65. System.out.println("Validated Query String 3: " + validatedQueryString3);
  66. }
  67. }

Add your comment