Solved

Help refactoring a java code

Posted on 2016-08-09
8
56 Views
Last Modified: 2016-08-13
HI,
I came across a code like :
public class HTMLSanitizer {
    private static Whitelist whitelist;
    private static Document.OutputSettings settings;

    static {
        whitelist = Whitelist.basicWithImages();
        whitelist.addTags("div", "s", "span");
        whitelist.addAttributes(":all", "style");
        settings = new Document.OutputSettings();
        settings.prettyPrint(false);
    }

    public static String sanitizeHTML(String unsafeHTML) {
        return Jsoup.clean(unsafeHTML, "", whitelist, settings);
    }
}

Open in new window


I am basically using this code in my spring web application. to clean html before saving it into the Database.
I am using Jsoup and using the above class like : HTMLSanitizer.sanitizeHTML(text)

I need advice from experts on the way this class is designed. Do you see any problems here. This is the only class where i have used static blocks...
Other approach will be  to make a constructor of this class and annotate this class with @Component and then autowire it where i have to use it...
Please suggest what are the advantages or disadvantages of this approach ?

Thanks
0
Comment
Question by:Rohit Bajaj
8 Comments
 
LVL 16

Expert Comment

by:krakatoa
ID: 41749161
I don't think we can help with actual code - you've got to do that bit yourself. Experts can only make suggestions. Sadly, I don't have one for your particular case. And if it's not your own code anyway, then there's no chance, since it could be an infringement of copyright or patent.
0
 

Author Comment

by:Rohit Bajaj
ID: 41749179
there is no copy right infringment.. its something me and my friend both working on.. and this is a modified code... not the actual one...just to give idea about the approach..
0
 

Author Comment

by:Rohit Bajaj
ID: 41749180
there is no copy right infringment.. its something me and my friend both working on.. and this is a modified code... not the actual one...just to give idea about the approach..
0
 
LVL 16

Expert Comment

by:krakatoa
ID: 41749216
So then only the first condition applies.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 16

Expert Comment

by:krakatoa
ID: 41749221
By the way it's not " a code" (that is a term concerned with secrecy or cryptography) it's just "code".
0
 

Author Comment

by:Rohit Bajaj
ID: 41749330
HI,
I am not looking for coding help here.
I am looking for alternative approach and comparison between two approaches which i mentioned above..
0
 
LVL 3

Accepted Solution

by:
Mark Olsen earned 350 total points
ID: 41749427
You could move the static block into a constructor, then instantiate the object and call a member function to perform the work.

Something like this:

public class HTMLSanitizer {
    private Whitelist whitelist;
    private Document.OutputSettings settings;

   public HTMLSanitizer () {
      // do stuff that was in the static block
    }

    public String sanitizeHTML(String unsafeHTML) {
        // do the work that was in the static version of this function
    }
}

Open in new window



Then a class that uses this would do something like this:

String htmlString = "<html><body>Hello world!</body></html>";

HTMLSanitizer sanitizer = new HTMLSanitizer();

String sanitized = sanitizer.sanitizeHTML(htmlString);

Open in new window


The downside is the member variables are created and initialized every time the sanitizer is instantiated. If it's going to be used often the created object could be stored for reuse. There is an argument for the static version the code is only initialized once and re-used throughout the life of the application.
0
 
LVL 35

Assisted Solution

by:mccarl
mccarl earned 150 total points
ID: 41749668
If you think that it is very unlikely that you would ever have a situation that you would need to use multiple different settings/whitelist within the same app, then I would say the above is fine to use. But if you would need to use different settings or think that you may need this in the future, then it is probably better to refactor now to something like what you are talking about, ie. set the whitelist and settings up as beans, and inject them into an Object of the above class, and then inject that where you need to use it.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
topping1 challenge 7 71
Java array passed to SQL where clause 23 60
micro services spring boot application error 3 136
replace a word with other 1 40
Java Flight Recorder and Java Mission Control together create a complete tool chain to continuously collect low level and detailed runtime information enabling after-the-fact incident analysis. Java Flight Recorder is a profiling and event collectio…
Java functions are among the best things for programmers to work with as Java sites can be very easy to read and prepare. Java especially simplifies many processes in the coding industry as it helps integrate many forms of technology and different d…
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…
This theoretical tutorial explains exceptions, reasons for exceptions, different categories of exception and exception hierarchy.

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now