You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Amey Jadiye (JIRA)" <ji...@apache.org> on 2017/07/20 18:14:00 UTC

[jira] [Comment Edited] (TEXT-74) StrSubstitutor: Ability to turn off substitution in values

    [ https://issues.apache.org/jira/browse/TEXT-74?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16095134#comment-16095134 ] 

Amey Jadiye edited comment on TEXT-74 at 7/20/17 6:13 PM:
----------------------------------------------------------

found the bug, you owe me a treat ! [~arendvr.com] ;) . give me some time I will raise PR with fix, I  want to refactor the code as below method is very big and have bug as well.
bq. private int substitute(final StrBuilder buf, final int offset, final int length, List<String> priorVariables) }} 



was (Author: ameyjadiye):
found the bug, you owe me a treat ! [~arendvr.com] ;) . give me some time I will raise PR with fix, I  want to refactor the code as {{private int substitute(final StrBuilder buf, final int offset, final int length, List<String> priorVariables) }} method is very big and have bug as well.

> StrSubstitutor: Ability to turn off substitution in values
> ----------------------------------------------------------
>
>                 Key: TEXT-74
>                 URL: https://issues.apache.org/jira/browse/TEXT-74
>             Project: Commons Text
>          Issue Type: Improvement
>            Reporter: Arend v. Reinersdorff
>            Priority: Minor
>              Labels: features
>             Fix For: 1.x
>
>
> StrSubstitutor replaces variables in values. And currently there's no way to turn this off.
> Why turn it off: I want to replace some variables in a simple template. Some of the replacement values are arbitrary user input.
> At the moment I escape all dollar signs in the replacement values with "$$". This is annoying. Especially as I use one template with variables as a value for another variable. Here I have to escape twice.
> Here's some example code. At the moment it prints:
> {code}
> Hello Hamburg from Hamburg
> {code}
> The commented line is my suggestion for this feature. If it works, it should print:
> {code}
> Hello ${city} from Hamburg
> {code}
> {code}
> // untrusted user input
> String userInputName = "${city}";
> String userInputCity = "Hamburg";
> Map<String, String> valueMap = new HashMap<>();
> valueMap.put("name", userInputName);
> valueMap.put("city", userInputCity);
> String source = "Hello ${name} from ${city}";
> StrSubstitutor strSubstitutor = new StrSubstitutor(valueMap);
> // strSubstitutor.setEnableSubstitutionInValues(false);
> System.out.println(strSubstitutor.replace(source));
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)