public class FormParser extends Object
parse(uri) and parse(request).
See also FormData.parse(uri)
and FormData.parse(request)
which use this parser with default configuration.
A parser can be configured by methods like charset(Charset).
These methods return `this` for method chaining. For example
FormParser parser = new FormParser()
.charset(StandardCharsets.US_ASCII)
.maxFileEntries(3)
;
parser.parse(...);
A parser can be cached to parse multiple requests concurrently, as long as its configuration is no longer modified.
static final FormParser parser = new FormParser().maxFileEntries(0); // disallow file upload
By default, detectCsrf is enabled.
If a request is POST, parse(request) uses the following heuristics
to determine that the request is not CSRF.
csrfTokenName(String) and CsrfToken.
"Origin: http://localhost:8080".
"Referer: http://localhost:8080/show".
Otherwise, parse(request) fails with CsrfException.
Note that false detection is possible - the request is suspected as CSRF while
in reality it is legitimate.
See Generate a response for a CsrfException
| Constructor and Description |
|---|
FormParser()
Create a parser with default settings.
|
| Instance Methods | |
|---|---|
FormData |
parse(CharSequence uri)
Parse the URI for form data.
|
Async<FormData> |
parse(HttpRequest request)
Parse the request for POST form data.
|
FormParser |
charset(Charset charset)
The charset, used for decoding bytes to chars.
|
FormParser |
detectCsrf(boolean detectCsrf)
Whether to detect CSRF.
|
FormParser |
csrfTokenName(String csrfTokenName)
The name of the CSRF token.
|
FormParser |
maxEntryKeyBytes(int maxEntryKeyBytes)
Max length of any entry key, in bytes.
|
FormParser |
maxParamEntries(int maxParamEntries)
Max number of parameter entries.
|
FormParser |
maxParamValueTotalBytes(long maxParamValueTotalBytes)
Max length of all parameter values combined, in bytes
|
FormParser |
maxFileEntries(int maxFileEntries)
Max number of file entries
|
FormParser |
maxFileNameBytes(int maxFileNameBytes)
Max length of filename in any file entry, in bytes.
|
FormParser |
maxFileSize(long maxFileSize)
Max size of any file.
|
FormParser |
tmpFileDir(String tmpFileDir)
The tmp dir for storing files.
|
public FormParser()
Use methods like charset(Charset) to configure the parser after construction.
public FormData parse(CharSequence uri) throws ParseException, OverLimitException
The query component of the URI is expected to be "application/x-www-form-urlencoded".
This method can be used for any request URI, regardless of the request method.
ParseException - the query component of the URI is not valid "application/x-www-form-urlencoded".OverLimitException - a conf limit is exceeded, for example "maxParamEntries"public Async<FormData> parse(HttpRequest request)
If the request method is POST, and the Content-Type is "multipart/form-data"
or "application/x-www-form-urlencoded",
the request body is parsed accordingly.
This is an Async action. The action may fail with the following exceptions:
ParseException - the request does not contain valid POST form data OverLimitException - a conf limit is exceeded, for example "maxParamEntries"CsrfException - the request is suspected to be CSRFException - other errors, e.g. network error while reading request bodypublic FormParser charset(Charset charset)
default: UTF-8
public FormParser detectCsrf(boolean detectCsrf)
default: true
public FormParser csrfTokenName(String csrfTokenName)
default: CsrfToken.DEFAULT_NAME
public FormParser maxEntryKeyBytes(int maxEntryKeyBytes)
default: 64
public FormParser maxParamEntries(int maxParamEntries)
default: 256
public FormParser maxParamValueTotalBytes(long maxParamValueTotalBytes)
default: 16*1024 (16KB)
public FormParser maxFileEntries(int maxFileEntries)
default: 1
public FormParser maxFileNameBytes(int maxFileNameBytes)
default: 256
public FormParser maxFileSize(long maxFileSize)
default: 16*1024*1024 (16MB)
public FormParser tmpFileDir(String tmpFileDir)
default: "/tmp/bayou/form_data_files"