[Fortify] Fix Cross-Site Scripting: Persistent
Code snippet in JSP file:
Add dependency in pom.xml
Updated code snippet in JSP file:
Code snippet in JSP file:
1 2 | String content = report.getContent();
Add dependency in pom.xml
1 2 3 4 5 | <dependency> <groupId>org.owasp.encoder</groupId> <artifactId>encoder</artifactId> <version>1.2.1</version> </dependency> |
Updated code snippet in JSP file:
1 2 3 4 5 | <%@ page import="org.owasp.encoder.Encode"%> String content = report.getContent(acct_no,schema+"://"+server+":"+port); out.print(Encode.forHtml(content)); |
[HP Laptop] Function Keys 問題
剛拿到 HP Laptop 時,發現當我要按 F1 ~ F12 按鈕,都需要先按下 fn key 才能使用,若否則會啟動音量調整、螢幕亮度調整的功能。該如何設定,讓與系統預設的設定對調?
剛拿到 HP Laptop 時,發現當我要按 F1 ~ F12 按鈕,都需要先按下 fn key 才能使用,若否則會啟動音量調整、螢幕亮度調整的功能。該如何設定,讓與系統預設的設定對調?
須進入BIOS Setup 畫面進行設定,處理流程如下
Screenshot for Step 2
Screenshot for Step 3 and Step 4
Screenshot for Step 5
[Jackson] How to convert JSON string to YAML?
Assume I have a JSON string:
I would like to convert JSON string to YAML:
How to do it?
Take advantage of libraries can fulfill this requirement.
Add the following dependencies in pom.xml
Here has sample code:
Take advantage of libraries can fulfill this requirement.
Add the following dependencies in pom.xml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> <version>2.9.3</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> <version>2.9.3</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-annotations</artifactId> <version>2.9.3</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.dataformat</groupId> <artifactId>jackson-dataformat-yaml</artifactId> <version>2.9.3</version> </dependency> |
Here has sample code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | package test.albert.jackson; import java.io.IOException; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.dataformat.yaml.YAMLMapper; import lombok.extern.slf4j.Slf4j; @Slf4j public class JacksonTest { public static void main(String[] args) throws IOException { Address address = Address.builder().zipCode("110").city("台北市").streetAddress("信義區信義路五段7號").build(); Employee albert = Employee.builder().id(1).name("Albert").email("albert@gmail.com").phone("0900123456") .address(address).build(); ObjectMapper mapper = new ObjectMapper(); // convert object to JSON String json = mapper.writeValueAsString(albert); log.debug(json); // convert JSON to YAML JsonNode jsonNode = mapper.readTree(json); String yaml = new YAMLMapper().writeValueAsString(jsonNode); log.debug("yaml = \n " + yaml); } } |
[Liquibase] How to fix checksum validation error
I am editing changelog-master.yaml, I got error message as I start up Spring boot:
Here has the process to solve this problem:
1. drop all tables which had already created in liquibase
2. clear all data in databasechangelog table
delete from databasechangelog
[Ant] java.lang.UnsupportedClassVersionError: com/sun/tools/javac/Main : Unsupported major.minor version 52.0
When I use Ant 1.10.1 to build my Java project, it occurs error as bellows:
The problem is 1.10.x releases require Java 8 at run time, but I am using Java 7 in my project.
Therefore, I need to use Ant 1.9.x releases instead of 1.10.x releases
[Maven] How to stop Maven to check for updates for artifacts in offline mode ?
I am using offline mode to build my project, the command is as bellows:
Go to your local repository (ex. C:/Users/albert/.m2), and delete all *.lastupdated and _remote.repositories files.
Then Maven won't check updates any more.
[PostgreSQL] How to assign customized numbering rule in primary key
Assume I have a table, loan_main, which have a primary key, loan_id, with numbering rule : LN_YYYYMMDD_9999999999.
How to insert data into loan_main automatically without caring how to build loan_id with this numbering rule.
In this case, we need to know
1. how to concatenate string, i.e. ||
2. how to get current date with specific format:
3. how to get value from sequence and pad zero to the left:
The syntax looks like:
Java Bean Validation example
Add dependencies to your pom.xml
Assume I have a Customer bean, it have 6 attributes which include id, name, gender, age, email and dateOfBirth.
These attributes have its validation rules:
The Java bean with bean validation annotation looks like:
Assume I have a CustomerService class to create Customer, it should validate Customer Java Bean before do insert. The main validate logic will be in validate method (line 25 ~ 38).
The resource class will prepare Customer Object and invoke create method which provide by CustomerService
Execution message in console:
<!-- validation start --> <dependency> <groupId>javax.validation</groupId> <artifactId>validation-api</artifactId> <version>2.0.0.Final</version> </dependency> <dependency> <groupId>org.hibernate</groupId> <artifactId>hibernate-validator</artifactId> <version>6.0.2.Final</version> </dependency> <dependency> <groupId>org.glassfish</groupId> <artifactId>javax.el</artifactId> <version>3.0.1-b08</version> </dependency> <!-- validation end --> <!-- DI start --> <dependency> <groupId>com.google.inject</groupId> <artifactId>guice</artifactId> <version>4.1.0</version> </dependency> <!-- DI end --> <!-- lombok --> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> <version>$1.16.18</version> <scope>provided</scope> </dependency> <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>21.0</version> </dependency>
[JSR 303 - Bean Validation] HV000183: Unable to initialize 'javax.el.ExpressionFactory'.
I am using JSR 303 to do bean validation.
When I try to initialize Validator instance .....
But I get the following error message:
Add this dependency to your pom.xml
[1] https://stackoverflow.com/questions/42718869/hibernate-validation-unable-to-initialize-javax-el-expressionfactory-error
[Google Guice] Dependency Injection Example
Google Guice is the framework to automate the dependency injection in applications. Google Guice is one of the leading frameworks whose main work is to provide automatic implementation of dependency injection.
Step 1. Add dependency in your pom.xml
Step 2. Create a service class to retrieve a person's contact people
Step 3. Create a resource to inject service class and retrieve person's contact people
Step 4. Create a test class
