Package de.cuioss.http.security.data


@NullMarked package de.cuioss.http.security.data
Data models and records for HTTP components.

This package provides immutable data models representing various HTTP components that can be validated. All data models are implemented as records for maximum immutability and thread safety.

Data Models

  • URLParameter - URL query parameter with key-value pair
  • Cookie - HTTP cookie with attributes
  • HTTPBody - HTTP request/response body with content type
  • AttributeParser - Utility for parsing attribute strings

Design Principles

  • Immutability - All data models are immutable after construction
  • Value Semantics - Records provide automatic equals, hashCode, and toString
  • Thread Safety - Safe for concurrent access without synchronization
  • Validation Support - Built-in methods for security-related checks

Usage Examples


 // URL Parameter
 URLParameter param = new URLParameter("search", "user input");
 if (param.isSensitive()) {
     // Handle sensitive parameter specially
 }

 // Cookie
 Map<String, String> attributes = Map.of("HttpOnly", "true", "Secure", "true");
 Cookie cookie = new Cookie("sessionId", "abc123", attributes);
 if (cookie.isSecuritySensitive()) {
     // Apply additional security checks
 }

 // HTTP Body
 HTTPBody body = new HTTPBody("application/json", jsonBytes);
 int contentLength = body.length();
 

Sensitive Data Detection

Data models include built-in methods to identify potentially sensitive information:

  • URLParameter.isSensitive() - Detects parameters with sensitive names
  • Cookie.isSecuritySensitive() - Identifies security-related cookies
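
An added illustration of why a name-based sensitivity check matters when records reach a log line: the generated record toString() prints every component, so a sensitive value has to be redacted explicitly. This is not the library's code. `QueryParam`, `SENSITIVE_MARKERS` and `parse` are hypothetical stand-ins written for this example, and the library's own detection rules are not shown on this page.

```java
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;

public class SensitiveParamDemo {

    // Constructed marker list for this example (assumption, not the library's list).
    private static final Set<String> SENSITIVE_MARKERS =
            Set.of("password", "passwd", "secret", "token", "apikey", "api_key", "session");

    /** Hypothetical stand-in for URLParameter: immutable, with a name-based check. */
    record QueryParam(String name, String value) {
        QueryParam {
            Objects.requireNonNull(name, "name");
            Objects.requireNonNull(value, "value");
        }

        boolean isSensitive() {
            String lower = name.toLowerCase(Locale.ROOT);
            return SENSITIVE_MARKERS.stream().anyMatch(lower::contains);
        }

        // The generated toString() would print the raw value, so redact it here.
        @Override
        public String toString() {
            return name + "=" + (isSensitive() ? "[REDACTED]" : value);
        }
    }

    /** Splits a raw query string into parameters (no URL decoding, kept minimal). */
    static List<QueryParam> parse(String query) {
        return Arrays.stream(query.split("&"))
                .filter(pair -> !pair.isEmpty())
                .map(pair -> {
                    int eq = pair.indexOf('=');
                    return eq < 0 ? new QueryParam(pair, "")
                            : new QueryParam(pair.substring(0, eq), pair.substring(eq + 1));
                })
                .toList();
    }

    public static void main(String[] args) {
        // Constructed sample input: two of the four parameters carry secrets.
        String query = "search=user+input&access_token=eyJhbGciOi&page=2&Password=hunter2";
        System.out.println(parse(query).stream()
                .map(QueryParam::toString).collect(Collectors.joining("&")));
    }
}
```

Matching on the name is a heuristic: a secret carried in a parameter with an unremarkable name passes through unredacted, so it complements rather than replaces keeping secrets out of URLs.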

Package Nullability

This package follows strict nullability conventions using JSpecify annotations:

  • All parameters and return values are non-null by default
  • Nullable parameters and return values are explicitly annotated with @Nullable
  • Collection and map values may be null where semantically appropriate
Since:
1.0
See Also:

Record Classes

  • Cookie - Immutable record representing an HTTP cookie with name, value, and attributes.
  • HTTPBody - Immutable record representing an HTTP request or response body with content, content type, and encoding.
  • URLParameter - Immutable record representing a URL query parameter with name and value.