making an 'extras' extension and would like api design advice

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

making an 'extras' extension and would like api design advice

I am currently making an extension object library for common methods to manipulate query strings.

I am after advice on how I can provide a best practice solution to access the HttpServletRequest given the restrictions?
Access to queryString has been restricted in certain scenarios to improve protection against code injection.

I would like the api to look like this, where the HttpServletRequest is passed in for convenience to grab
the query string and uri out of.

th:href="${#qs.addKeyValue(#request, 'location', 'europe')}"

Are these valid solutions / 'work arounds'?

1. Tell user to assign the query string to a variable first rather than deal directly with the #request due to guarding against code injection?

th:with="newQueryString=${#qs.addKeyValue(#request.getRequestURI(), #request.getQueryString(), 'location', 'europe')}"

// Now I can assign to the href

ps: the main issue I have with this is the api is getting very wordy so am looking for general design advice too.