Module de.cuioss.http

Package de.cuioss.http.security.core

Enum Class UrlSecurityFailureType

java.lang.Object

java.lang.Enum<UrlSecurityFailureType>

de.cuioss.http.security.core.UrlSecurityFailureType

All Implemented Interfaces:

Serializable, Comparable<UrlSecurityFailureType>, Constable

public enum UrlSecurityFailureType
extends Enum<UrlSecurityFailureType>

Comprehensive enumeration of security failure types for URL validation. Each failure type represents a specific class of security violation that can occur during URL processing and validation.

Design Principles

• Comprehensive Coverage - Covers all major URL security attack vectors
• Clear Categorization - Groups related failure types for easier handling
• Descriptive Names - Self-documenting enum values
• Immutable Design - Thread-safe for concurrent validation

Usage Example

 if (containsPathTraversal(path)) {
     throw UrlSecurityException.builder()
         .failureType(UrlSecurityFailureType.PATH_TRAVERSAL_DETECTED)
         .input(path)
         .build();
 }
 

Implements: Task B1 from HTTP verification specification

Since:

1.0

Nested Class Summary

Nested classes/interfaces inherited from class java.lang.Enum

Enum.EnumDesc<E extends Enum<E>>

Enum Constant Summary

Enum Constants

Enum Constant	Description
CONTROL_CHARACTERS	Control characters that could manipulate processing detected
DIRECTORY_ESCAPE_ATTEMPT	Attempt to escape from allowed directory structure detected
DOUBLE_ENCODING	Double URL encoding patterns detected (e.g., %252e for double-encoded '.')
EXCESSIVE_NESTING	Excessive directory nesting depth detected
INPUT_TOO_LONG	Input exceeds configured maximum length limits
INVALID_CHARACTER	Invalid or dangerous characters found in URL
INVALID_ENCODING	Invalid URL encoding sequences detected (e.g., incomplete percent encoding)
INVALID_HOST_FORMAT	Invalid host format detected
INVALID_IPV6_FORMAT	Invalid IPv6 address format detected
INVALID_STRUCTURE	Input structure violates expected format
INVALID_URL_FORMAT	Invalid URL format detected
KNOWN_ATTACK_SIGNATURE	Known attack signatures from security databases
MALFORMED_INPUT	Input structure is malformed or corrupted
MALFORMED_URL	Malformed URL structure detected
NULL_BYTE_INJECTION	Null byte injection attack detected (e.g., )
PATH_TOO_LONG	Path exceeds configured maximum length limits
PATH_TRAVERSAL_DETECTED	Path traversal patterns like "../" or equivalent encodings detected
PROTOCOL_VIOLATION	General protocol specification violation
RFC_VIOLATION	RFC specification violation (HTTP, URI, etc.)
SUSPICIOUS_PARAMETER_NAME	Suspicious parameter name commonly used in attacks
SUSPICIOUS_PATTERN_DETECTED	Suspicious patterns that match attack signatures
UNICODE_NORMALIZATION_CHANGED	Unicode normalization changed the input, potentially bypassing security checks

Method Summary

Modifier and Type	Method	Description
String	getDescription()	Returns the human-readable description of this failure type.
boolean	isCharacterAttack()	Indicates whether this failure type represents a character-based attack.
boolean	isEncodingIssue()	Indicates whether this failure type represents an encoding-related issue.
boolean	isIPv6HostAttack()	Indicates whether this failure type represents an IPv6 or host-based attack.
boolean	isPathTraversalAttack()	Indicates whether this failure type represents a path traversal attack.
boolean	isPatternBased()	Indicates whether this failure type represents a pattern-based detection.
boolean	isProtocolViolation()	Indicates whether this failure type represents a protocol violation.
boolean	isSizeViolation()	Indicates whether this failure type represents a size or length violation.
boolean	isStructuralIssue()	Indicates whether this failure type represents a structural issue.
static UrlSecurityFailureType	valueOf(String name)	Returns the enum constant of this class with the specified name.
static UrlSecurityFailureType[]	values()	Returns an array containing the constants of this enum class, in the order they are declared.

Methods inherited from class java.lang.Enum

clone, compareTo, describeConstable, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Enum Constant Details

INVALID_ENCODING

public static final UrlSecurityFailureType INVALID_ENCODING

Invalid URL encoding sequences detected (e.g., incomplete percent encoding)

DOUBLE_ENCODING

public static final UrlSecurityFailureType DOUBLE_ENCODING

Double URL encoding patterns detected (e.g., %252e for double-encoded '.')

UNICODE_NORMALIZATION_CHANGED

public static final UrlSecurityFailureType UNICODE_NORMALIZATION_CHANGED

Unicode normalization changed the input, potentially bypassing security checks

PATH_TRAVERSAL_DETECTED

public static final UrlSecurityFailureType PATH_TRAVERSAL_DETECTED

Path traversal patterns like "../" or equivalent encodings detected

DIRECTORY_ESCAPE_ATTEMPT

public static final UrlSecurityFailureType DIRECTORY_ESCAPE_ATTEMPT

Attempt to escape from allowed directory structure detected

INVALID_CHARACTER

public static final UrlSecurityFailureType INVALID_CHARACTER

Invalid or dangerous characters found in URL

NULL_BYTE_INJECTION

public static final UrlSecurityFailureType NULL_BYTE_INJECTION

Null byte injection attack detected (e.g., )

CONTROL_CHARACTERS

public static final UrlSecurityFailureType CONTROL_CHARACTERS

Control characters that could manipulate processing detected

PATH_TOO_LONG

public static final UrlSecurityFailureType PATH_TOO_LONG

Path exceeds configured maximum length limits

INPUT_TOO_LONG

public static final UrlSecurityFailureType INPUT_TOO_LONG

Input exceeds configured maximum length limits

EXCESSIVE_NESTING

public static final UrlSecurityFailureType EXCESSIVE_NESTING

Excessive directory nesting depth detected

SUSPICIOUS_PATTERN_DETECTED

public static final UrlSecurityFailureType SUSPICIOUS_PATTERN_DETECTED

Suspicious patterns that match attack signatures

SUSPICIOUS_PARAMETER_NAME

public static final UrlSecurityFailureType SUSPICIOUS_PARAMETER_NAME

Suspicious parameter name commonly used in attacks

KNOWN_ATTACK_SIGNATURE

public static final UrlSecurityFailureType KNOWN_ATTACK_SIGNATURE

Known attack signatures from security databases

MALFORMED_INPUT

public static final UrlSecurityFailureType MALFORMED_INPUT

Input structure is malformed or corrupted

INVALID_STRUCTURE

public static final UrlSecurityFailureType INVALID_STRUCTURE

Input structure violates expected format

PROTOCOL_VIOLATION

public static final UrlSecurityFailureType PROTOCOL_VIOLATION

General protocol specification violation

RFC_VIOLATION

public static final UrlSecurityFailureType RFC_VIOLATION

RFC specification violation (HTTP, URI, etc.)

INVALID_IPV6_FORMAT

public static final UrlSecurityFailureType INVALID_IPV6_FORMAT

Invalid IPv6 address format detected

MALFORMED_URL

public static final UrlSecurityFailureType MALFORMED_URL

Malformed URL structure detected

INVALID_HOST_FORMAT

public static final UrlSecurityFailureType INVALID_HOST_FORMAT

Invalid host format detected

INVALID_URL_FORMAT

public static final UrlSecurityFailureType INVALID_URL_FORMAT

Invalid URL format detected

Method Details

values

public static UrlSecurityFailureType[] values()

Returns an array containing the constants of this enum class, in the order they are declared.

Returns:

an array containing the constants of this enum class, in the order they are declared

valueOf

public static UrlSecurityFailureType valueOf(String name)

Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)

Parameters:

name - the name of the enum constant to be returned.

Returns:

the enum constant with the specified name

Throws:

IllegalArgumentException - if this enum class has no constant with the specified name

NullPointerException - if the argument is null

getDescription

public String getDescription()

Returns the human-readable description of this failure type.

Returns:

Description text suitable for logging and error reporting

isEncodingIssue

public boolean isEncodingIssue()

Indicates whether this failure type represents an encoding-related issue.

Returns:

true if this is an encoding-related failure type

isPathTraversalAttack

public boolean isPathTraversalAttack()

Indicates whether this failure type represents a path traversal attack.

Returns:

true if this is a path traversal-related failure type

isCharacterAttack

public boolean isCharacterAttack()

Indicates whether this failure type represents a character-based attack.

Returns:

true if this is a character-based failure type

isSizeViolation

public boolean isSizeViolation()

Indicates whether this failure type represents a size or length violation.

Returns:

true if this is a size/length-related failure type

isPatternBased

public boolean isPatternBased()

Indicates whether this failure type represents a pattern-based detection.

Returns:

true if this is a pattern-based failure type

isStructuralIssue

public boolean isStructuralIssue()

Indicates whether this failure type represents a structural issue.

Returns:

true if this is a structural failure type

isProtocolViolation

public boolean isProtocolViolation()

Indicates whether this failure type represents a protocol violation.

Returns:

true if this is a protocol-related failure type

isIPv6HostAttack

public boolean isIPv6HostAttack()

Indicates whether this failure type represents an IPv6 or host-based attack.

Returns:

true if this is an IPv6/host-related failure type