replace control characters with a space instead of deleting

planetlevel · planetlevel · commit c2adc5f6cbb1 · 2008-08-31T05:21:31.000Z
diff --git a/src/org/owasp/esapi/StringUtilities.java b/src/org/owasp/esapi/StringUtilities.java
@@ -27,15 +27,20 @@
 public class StringUtilities {
 
 	/**
-	 * Removes all unprintable characters from a string for use in an HTTP header
+	 * Removes all unprintable characters from a string 
+	 * and replaces with a space for use in an HTTP header
 	 * @param input
 	 * @return the stripped header
 	 */
 	public static String stripControls( String input ) {
 		StringBuffer sb = new StringBuffer();
 		for ( int i=0; i<input.length(); i++ ) {
 			char c = input.charAt( i );
-			if ( c > 0x20 && c < 0x7f ) sb.append( c );
+			if ( c > 0x20 && c < 0x7f ) {
+				sb.append( c );
+			} else {
+				sb.append( ' ' );
+			}
 		}
 		return sb.toString();
 	}
