12

In my project (Java/Play framework) I have an error handling routine that checks the response from a web service. If the response is an error code, we display the corresponding error message saying what the problem was with the user input; the service checks user input validity.

When the user enters a % symbol, this logic breaks because the error display logic uses

String.format(message, messageArgs);

This interpolates the messageArgs into the message String wherever it finds a %, and if the messageArgs contains a % as well, I get an exception.

I need to sanitize, escape or otherwise remove the % from the user inputs, before displaying the message.

message: The requested email address %s is invalid
messageArgs: orlybg%@gmail.com

Any advice on how to do this in Java in the simplest, shortest way?

Here's a part of the error log:

 java.util.UnknownFormatConversionException: Conversion = 'i'
   at java.util.Formatter$FormatSpecifier.conversion(Formatter.java:2646)
   at java.util.Formatter$FormatSpecifier.<init>(Formatter.java:2675)
   at java.util.Formatter.parse(Formatter.java:2528)
   at java.util.Formatter.format(Formatter.java:2469)
   at java.util.Formatter.format(Formatter.java:2423)
   at java.lang.String.format(String.java:2797)
   at controllers.api.PublicAPI.renderAPIError(PublicAPI.java:176)
   at controllers.api.DeviceAPI.setEmailAddress(DeviceAPI.java:736)
   at play.mvc.ActionInvoker.invokeWithContinuation(ActionInvoker.java:557)
   at play.mvc.ActionInvoker.invoke(ActionInvoker.java:508)
   at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:484)
   at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:479)
   at play.mvc.ActionInvoker.invoke(ActionInvoker.java:161)
   at Invocation.HTTP Request(Play!)

Thanks!

8
  • 2
    Can you show the error message? I don't think presence of % in messageArgs will be any issue. Commented Sep 20, 2013 at 18:23
  • Can you post an example of input that fails? Commented Sep 20, 2013 at 18:24
  • Ready, just edited the post Commented Sep 20, 2013 at 18:29
  • It will be an issue if you use String#format Commented Sep 20, 2013 at 18:30
  • I don't get what you mean @archer Commented Sep 20, 2013 at 18:32

3 Answers 3

8

In message String, the % sign is escaped with another %. So you will need to double it up: %%
For example: "Bla bla %i bla" -> "Bla bla %%i bla"
In messageArgs String, there is no problem with the % sign and you don't need to escape it
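The distinction drawn in this answer, as an added example that is not part of the original post or the asker's project: the same `%` is harmless as an argument and fatal once the input has been concatenated into the format string. `escapePercent` and `tryFormat` are hypothetical helpers, and the second input is constructed; the example assumes the failing message reached `String.format` with the user's input already inside it.

```java
import java.util.IllegalFormatException;

public class FormatStringEscapeDemo {

    // Hypothetical helper (not from the page): double every '%' so that text
    // which must be embedded in a format string is printed literally.
    static String escapePercent(String untrusted) {
        return untrusted.replace("%", "%%");
    }

    // Formats and reports a failure instead of letting the exception escape
    // into the request handler, as it did in the question's stack trace.
    static String tryFormat(String format, Object... args) {
        try {
            return String.format(format, args);
        } catch (IllegalFormatException e) {
            return "FAILED: " + e;
        }
    }

    public static void main(String[] argv) {
        String template = "The requested email address %s is invalid"; // from the question
        String[] inputs = {
            "orlybg%@gmail.com",   // value from the question
            "orlybg@gmail.com%"    // constructed: '%' directly before " is invalid"
        };
        for (String input : inputs) {
            // 1. Constant template, user input only as an argument:
            //    the Formatter never parses the argument, so '%' is harmless.
            System.out.println(tryFormat(template, input));

            // 2. User input already concatenated into the message and then
            //    formatted again: '%' now starts a format specifier.
            String prebuilt = "The requested email address " + input + " is invalid";
            System.out.println(tryFormat(prebuilt));

            // 3. Same message, but the untrusted part is escaped first.
            String escaped = "The requested email address " + escapePercent(input) + " is invalid";
            System.out.println(tryFormat(escaped));
        }
    }
}
```

With the constructed input, case 2 makes the formatter read `% i` as a space flag followed by the conversion `i`, which is the conversion named in the question's log.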


7

Use %% in the formatter string when you need to print string %:

String.format("sendOneSuccessCountRate: %7.2f%%",
              sendOneSuccessCountRate * 100 // the rate is a fraction (0.95), so scale it to a percentage
             );

will give you 95.00%


1

If you receive java.util.UnknownFormatConversionException: Conversion = 'i', most possibly you use %i in your message trying to format an integer; this is not correct. You must use %d to format a decimal integer. The full supported conversion specification can be found here.
