JSP: Sanitizing an URL parameter

[Elena]

Hello,

I'm writing a JSP whose result page should allow for redirection to an
URL specified by the caller via a GET parameter.

I'm going to assign that URL to Javascript's "document.location" and
that works, but I'd also like to "sanitize" the URL parameter to make
sure it is an URL instead of a nasty character combination which could
break my application. I'd like to employ a Java regex for that, but I
can't find a ready made regex to match URLs. Any pointer?

Thanks

 

[Shivasubramanian A]

but I'd also like to "sanitize" the URL parameter to make
sure it is an URL instead of a nasty character combination which could
break my application. I'd like to employ a Java regex for that, but I
can't find a ready made regex to match URLs. Any pointer?

I believe you can use the java.net.URL class to test whether the URL
is valid. If the URL throws a MalformedURLException, then its invalid.

Check http://stackoverflow.com/questions/1600291/validating-url-in-java
for more info.

Regards,
Shivasubramanian A

 

[Elena]

I believe you can use the java.net.URL class to test whether the URL
is valid. If the URL throws a MalformedURLException, then its invalid.

Checkhttp://stackoverflow.com/questions/1600291/validating-url-in-java
for more info.

Regards,
Shivasubramanian A

Thank you for your reply.

I did try that, but it allows passing malformed URLs too. Since I've
to embed such URL into a Javascript, I need it to be sanitized.