View Javadoc
1   package ca.uhn.fhir.util;
2   
3   /*
4    * #%L
5    * HAPI FHIR - Core Library
6    * %%
7    * Copyright (C) 2014 - 2018 University Health Network
8    * %%
9    * Licensed under the Apache License, Version 2.0 (the "License");
10   * you may not use this file except in compliance with the License.
11   * You may obtain a copy of the License at
12   * 
13   *      http://www.apache.org/licenses/LICENSE-2.0
14   * 
15   * Unless required by applicable law or agreed to in writing, software
16   * distributed under the License is distributed on an "AS IS" BASIS,
17   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18   * See the License for the specific language governing permissions and
19   * limitations under the License.
20   * #L%
21   */
22  
23  import java.util.StringTokenizer;
24  
25  public class UrlPathTokenizer {
26  
27  	private final StringTokenizer myTok;
28  
29  	public UrlPathTokenizer(String theRequestPath) {
30  		myTok = new StringTokenizer(theRequestPath, "/");
31  	}
32  
33  	public boolean hasMoreTokens() {
34  		return myTok.hasMoreTokens();
35  	}
36  
37  	/**
38  	 * Returns the next portion. Any URL-encoding is undone, but we will
39  	 * HTML encode the < and " marks since they are both
40  	 * not useful un URL paths in FHIR and potentially represent injection
41  	 * attacks.
42  	 *
43  	 * @see UrlUtil#sanitizeUrlPart(String)
44  	 * @see UrlUtil#unescape(String)
45  	 */
46  	public String nextTokenUnescapedAndSanitized() {
47  		return UrlUtil.sanitizeUrlPart(UrlUtil.unescape(myTok.nextToken()));
48  	}
49  
50  }