如何区分一个字符串中的两个字符串？（如何防止纯文本注入） [英] How to distinguish two strings in a String?(How to prevent plain text injection)

问题描述

说我有两个随机生成的字符串。

Say I have two randomly generated Strings.

如何用生成的两个字符串制作单个字符串，同时能够将它们拆分以得到原来有两个字符串供以后使用？

What can I do to make a single String with the two Strings generated, while being able to split them to get the original two Strings for later use?

例如，我有 [aweiroj\3aoierjvg0_3409和 4093 w_ / e9。如何将这两个词附加到一个变量中，同时又能将其拆分为两个原始字符串？

For example, I have "[aweiroj\3aoierjvg0_3409" and " 4093 w_/e9 ". How can I attach those two words into one variable while being able to split them to original two Strings?

我的问题是，我似乎找不到用于它的正则表达式.spit（），因为这两个字符串可以有任何字符（字母，整数，\，/，空格...）。

My problem is, I can't seem to find a regex for .spit() because those two strings can have any chararacters(alpabet, integer, \, /, spaces...).

我只是想到一个可以使用它的现实情况。 有时，通过网络（HTTP）发送纯文本是比xml或json更好。具有快速宽带的慢服务器-使用xml或json，具有宽带慢的快速服务器-使用纯文本。下面的答案可能会阻止纯文本注入。但是，这些方法未进行基准测试或测试，我可能会在实际使用它们之前对其进行测试。

I just thought of a real life case where this could be used. Sometimes, sending plain text over network(HTTP) is better than xml or json. Slow server with fast broadband - use xml or json, fast server with slow broadband - use plain text. The answers below could prevent plain text injection. However, these methods are not benchmarked or tested, I would probably test these methods before actually using them.

推荐答案

简短的答案是：不要那样做。使用数组或具有两个数据成员的类，但是将字符串组合成一个字符串可能是个坏主意。

The short answer is: Don't do that. Use an array, or a class with two data members, but combining the strings together into one string is probably a bad idea.

但是如果您有一些真正晦涩的用例， ，您可以：

But if you have some truly obscure use case, you can:

1. 创建一个足够独特的定界符，例如<<" Jee Seok Yoon's Delimiter>>>> code>。

final static String DELIM = "<<Jee Seok Yoon's Unique Delimiter>>";
String a = /*...*/;
String b = /*...*/;
String combined = a + DELIM + b;

int breakAt = combined.indexOf(DELIM);
String a1 = combined.substring(0, breakAt);
String b1 = combined.substring(breakAt + DELIM.length());

有一个更简单的分隔符，如果出现在字符串中则可以转义。

Have a simpler delimiter that you escape if present in the string.

记住第一个字符串的长度，并将其存储在统一字符串中，后跟一个长度结尾定界符。

Remember the length of the first string and store it in your unified string followed by an "end of length" delimiter.

String a = /*...*/;
String b = /*...*/;
String combined = String.valueOf(a.length()) + "|" + a + b;

int breakAt = combined.indexOf("|");
int len = Integer.parseInt(combined.substring(0, breakAt), 10);
String a1 = combined.substring(breakAt + 1, len);
String b1 = combined.substring(breakAt + 1 + len);

（两个代码示例均为<强>完全即席且未经测试。）

(Both code examples are completely off-the-cuff and untested.)

这篇关于如何区分一个字符串中的两个字符串？（如何防止纯文本注入）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！