How to defend against XSS attacks in Java

Detect and remove XSS (cross site scripting) attacks from text entered through normalization. Cross site scripting (XSS) attacks are a form of threat that exploits vulnerabilities in Web applications to plunder user information. Using malicious scripts, attackers can attract different users through normally trusted Web pages and access any inf ...

Added by triphis on Wed, 09 Mar 2022 14:30:08 +0200

Actual JVM: principle and application of ClassLoader

preface I was asked such a question in the original interview. If you build a Java Lang. String class. Is the String class used in the system your defined String class or the String class in the native api? You can try and find that the String class in the native api is still used in the final system. Why does this happen? This has to start ...

Added by colbyg on Wed, 09 Mar 2022 09:56:50 +0200

Object instantiation, memory layout and access location

1, Instantiation of objects Large factory interview questions Meituan: How are objects stored in the JVM? What is in the object header information? Ant gold suit: Second side: what's in the java object header 1.1 object creation method new: the most common way, the static class method of calling getInstance in singleton class, and the stati ...

Added by nikosft on Sat, 05 Mar 2022 16:22:47 +0200

How to use Java to track JVM file system access

Use a custom security manager as a low overhead alternative to native tracers. Native tracing tools are always the first choice for tracking file system access to Java applications. On Windows, use Process Monitor to track I / O. On Linux, use strace. Other platforms also provide similar functions. By tracing directly in Java, you can address ...

Added by Tokunbo on Fri, 04 Mar 2022 05:07:34 +0200

Installation and use of Arthas in mac system

Arthas is a Java diagnostic tool open source by Alibaba in September 2018. It supports JDK6 + and adopts command-line interaction mode, which can easily locate and diagnose online program operation problems. The official document of Arthas is very detailed. See: https://alibaba.github.io/arthas Arthas usage scenario Thanks to the powerful ...

Added by spicey on Wed, 02 Mar 2022 16:02:32 +0200

The use of CO process in java

background Java collaboration. We haven't heard much about Java collaboration for so long, but we often hear the concept of collaboration. This article introduces the specific use of collaboration in Java. I've seen a lot of examples of java using quasar framework to realize collaborative process, but many of them are written in the wrong ...

Added by fisicx on Wed, 02 Mar 2022 12:20:40 +0200

Detailed explanation of direct ByteBuffer

https://blog.csdn.net/huangyu1985/article/details/103939462 1. Introduction The bottom layer of ByteBuffer is through byte Array is used to store data. The so-called direct buffering means that byte arrays are stored outside the heap and do not exist on the jvm heap, which is not constrained by jvm garbage collection. 2. Creation methods o ...

Added by tomwerner on Mon, 28 Feb 2022 11:01:29 +0200

JVM -- garbage collection

2, Garbage recycling How to judge whether an object can be recycled Garbage collection algorithm Generational waste recycling Garbage collector Garbage collection tuning 1. How to judge whether an object can be recycled 1.1 reference counting method Disadvantages: 1.2 reachability analysis algorithm The garbage collector in Java v ...

Added by karthikeyan_coder on Sun, 27 Feb 2022 08:55:45 +0200

Class loader

Learning objectives Through the analysis of source code level, understand the direct relationship between the three loaders and the understanding of parental delegation mechanism​ Introduction to class loader The design team of Java virtual machine intentionally put the binary byte stream describing a class obtained through the full class ...

Added by paulbrown83 on Sat, 26 Feb 2022 14:21:49 +0200

JVM parameters and memory model

1. Why should we optimize the jvm? In the local development environment, we rarely encounter the need to optimize the jvm, but in the production environment, we may have the following requirements: The running application is "stuck", the log does not output, and the program does not respond The CPU load of the server suddenly incr ...

Added by DarkHavn on Wed, 23 Feb 2022 13:03:37 +0200