making an 'extras' extension and would like api design advice

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

making an 'extras' extension and would like api design advice

banker
I am currently making an extension object library for common methods to manipulate query strings.

I am after advice on how I can provide a best practice solution to access the HttpServletRequest given the restrictions?
Access to queryString has been restricted in certain scenarios to improve protection against code injection.
http://forum.thymeleaf.org/thymeleaf-3-0-9-request-queryString-td4031171.html


I would like the api to look like this, where the HttpServletRequest is passed in for convenience to grab
the query string and uri out of.

th:href="${#qs.addKeyValue(#request, 'location', 'europe')}"


Are these valid solutions / 'work arounds'?

1. Tell user to assign the query string to a variable first rather than deal directly with the #request due to guarding against code injection?

th:with="newQueryString=${#qs.addKeyValue(#request.getRequestURI(), #request.getQueryString(), 'location', 'europe')}"

// Now I can assign to the href
th:href="${newQueryString}"

ps: the main issue I have with this is the api is getting very wordy so am looking for general design advice too.