I have the jsp which accepts the customers name.And this name is encoded when sent to the another service.The service checks the length of the name.If it exceeds more than 20 characters then it rejects the input.
Having said that, If the user enters any special charater like @ or $ or some thing else then the encoding processs will convert that single character in to 3 or 4 character long.So if the user enters say, 17 characters with couple of special characters then because of the encoding the length becomes more than 20 characters.
And if encoding is a must then prevent user from more than entering affective 20 chars. Use 'onkepup' event listener on the username text box to do it.
Sony Agrawal
Ranch Hand
Joined: Oct 04, 2009
Posts: 143
posted
0
We dont have access to that service class.
User is restricted to give less than 20 charcters but its because of the encoding the string length is incresing. And encoding is must
The encoding of the string (URL encoding I assume) is only needed to make sure the server understands all contents. On the server you don't need it to be encoded anymore so you can simply decode it back. A simple check for a total length of 20 should be enough.
Manish Singh wrote:why are you encoding the special characters?
Because the URL specification says that some characters have special meaning, and characters need to be encoded for communication between client and server. For instance, spaces become + signs or %20.
And if encoding is a must then prevent user from more than entering affective 20 chars. Use 'onkepup' event listener on the username text box to do it.
I'd use the maxlength attribute instead: <input maxlength="20" ...>. This cannot be disabled by turning off JavaScript support. There may still be ways to bypass this check but it's harder.
0
