Filtering Embedded String Errors via MethodsString Method Filters provides another means of filtering certain strings from the embedded strings errors reports. Instead of filtering them based upon patterns they contain, this category filters strings from the report based on methods, functions, or constructors into which they are passed. Your code likely contains many method or functions
that are passed string arguments. When you are sure that any string passed
into function For example, the Java method: javax.servlet.ServletRequestWrapper.getParameter(String s) is in the list below, because although it takes a string argument, this string would never appear as text visible to an end user. The Inherited column lists the name of the Rule Set that defined the string method filter. A value of 'No' indicates that the filter is local to the Rule Set. Local filters can be modified and/or deleted. Inherited filters can be overridden. To disable a local string method filter, uncheck the box. To create a filter, select the New String Method Filter link at the top of the page. This displays the Create String Method Filter form, shown below. The page contains five fields (six fields if the language of the rule set is Java) used to describe a rule: Name, Pattern, Class or Variable Type(s) if Java, Description, Help Page, and Enabled. Use the Name field to give your filter a brief, meaningful name. The Pattern is technically a regular expression, but Globalyzer uses internal algorithms along with the expression to determine whether strings are being passed into these methods. For this reason there are rules that must be followed when specifying the pattern.
The Class or Variable Type(s) field is currently available for Java Rule Sets only.
This field is a comma-separated list of fully qualified Class or Variable Type(s).
It allows you to associate Classes/Types with the method name so filtering will only take
place when the embedded string is passed to the method of a specified Class/Type.
Let's say you want to filter strings passed to Use the Description field to explain why this string can be filtered. Use the Category field to set a category that can be enabled or disabled in bulk for a ruleset. The Help Page field is where you can provide a URL link for the filter. This link may provide more information on the filter. The Enabled field determines whether the filter is processed by Globalyzer (checked) or ignored by Globalyzer for now (unchecked). Once you've provided the string method filter information, click the Create button. The Edit String Method Filters list redisplays, showing your changes. If a string method filter is local to the Rule Set, it can be modified and/or deleted. Click on its name hyperlink from the Edit String Method Filters list. This displays the Edit String Method Filter page, shown below. All fields are modifiable. Press Update to save any changes. Press Delete to delete the filter. After updating or deleting, the Edit String Method Filters list redisplays, showing your changes. If a string method filter inherited, it can be overridden. Maybe you want to disable the inherited filter in your Rule Set. Click on its name hyperlink from the Edit String Method Filters list. This displays the Override String Method Filter page, shown below. All fields are modifiable, but if you change the pattern field, you will end up creating an entirely new filter, rather than overriding the inherited one. Press Create to create the override string method filter. After creating, the Edit String Method Filters list redisplays, showing your local filter. To return to the Customize Rule Set page, select the Back to Summary link. Note: The default list of String Method Filters created for each new Rule Set is not a comprehensive listing of all methods within that programming language that take strings that aren't likely to be displayed to the end user. We have included only the more frequently used methods that we have run across in client projects and testing. These defaults - as with all Rule Set defaults - will be updated as we notice new methods that should be added. If you run across a method in the standard API for your programming language that you think should come as a default, please email the information to support@lingoport.com. Not Supported: Globalyzer does not support this category of filtering for XML or HTML. |