CODEWITHSUNDEEP
javaservletsexception
Andrea Catania
Andrea Catania

Reputation: 1383

Java validation class and exception

I have a form that send an email to a servlet that will test the validity.

This servlet invoke a class called EmailValidator and can catch 2 type of errors: longest string, and invalid email path.

When the former error will be catched, will throw the exception below:

throw new IllegalArgumentException( "The email is too long.", new Exception("email-too-long") );

When the latter error occurs will be throw:

throw new IllegalArgumentException( "The email is invalid because the \"@\"character is missing.", new Exception("invalid-email") );

Than the servlet catch the exception and and do the following:

try{
    new EmailValidator().validate( "test" );
}catch( IllegalArgumentException e ){
    log.error( e );
    Writer out = response.getWriter();
    out.write( e.getCause().getMessage()  ); // short message to the client.
    out.close();
}

The question is that, is a good way to send the message "invalid-email" to the client and send more accurate details to logger, like done above?

The client browser can handle only this type of string "invalid-email" or "email-too-long" to allert the client properly with a good messages not known by the server.

Thanks in advance and if exists tell me a way more accurate and/or smart to done this.

Upvotes: 0

Views: 79

Answers (1)

M Sach
M Sach

Reputation: 34424

I think you are fine here. As long as you are not sending the sensitive information to client , you are good. For example :- some error message reveals the column or table name to client which can be harmful for security reason. Just ensure message does not contain any kind sensitive information which i believe it does not.

Upvotes: 1

Related Questions