How to defend against XSS attacks in Java
Detect and remove XSS (cross site scripting) attacks from text entered through normalization.
Cross site scripting (XSS) attacks are a form of threat that exploits vulnerabilities in Web applications to plunder user information. Using malicious scripts, attackers can attract different users through normally trusted Web pages and access any inf ...
Added by triphis on Wed, 09 Mar 2022 14:30:08 +0200
Actual JVM: principle and application of ClassLoader
preface
I was asked such a question in the original interview. If you build a Java Lang. String class. Is the String class used in the system your defined String class or the String class in the native api?
You can try and find that the String class in the native api is still used in the final system. Why does this happen? This has to start ...
Added by colbyg on Wed, 09 Mar 2022 09:56:50 +0200
Object instantiation, memory layout and access location
1, Instantiation of objects
Large factory interview questions
Meituan:
How are objects stored in the JVM?
What is in the object header information?
Ant gold suit:
Second side: what's in the java object header
1.1 object creation method
new: the most common way, the static class method of calling getInstance in singleton class, and the stati ...
Added by nikosft on Sat, 05 Mar 2022 16:22:47 +0200
How to use Java to track JVM file system access
Use a custom security manager as a low overhead alternative to native tracers.
Native tracing tools are always the first choice for tracking file system access to Java applications. On Windows, use Process Monitor to track I / O. On Linux, use strace. Other platforms also provide similar functions.
By tracing directly in Java, you can address ...
Added by Tokunbo on Fri, 04 Mar 2022 05:07:34 +0200
Installation and use of Arthas in mac system
Arthas is a Java diagnostic tool open source by Alibaba in September 2018. It supports JDK6 + and adopts command-line interaction mode, which can easily locate and diagnose online program operation problems. The official document of Arthas is very detailed. See: https://alibaba.github.io/arthas
Arthas usage scenario
Thanks to the powerful ...
Added by spicey on Wed, 02 Mar 2022 16:02:32 +0200
The use of CO process in java
background
Java collaboration. We haven't heard much about Java collaboration for so long, but we often hear the concept of collaboration. This article introduces the specific use of collaboration in Java.
I've seen a lot of examples of java using quasar framework to realize collaborative process, but many of them are written in the wrong ...
Added by fisicx on Wed, 02 Mar 2022 12:20:40 +0200
Detailed explanation of direct ByteBuffer
https://blog.csdn.net/huangyu1985/article/details/103939462
1. Introduction
The bottom layer of ByteBuffer is through byte Array is used to store data. The so-called direct buffering means that byte arrays are stored outside the heap and do not exist on the jvm heap, which is not constrained by jvm garbage collection.
2. Creation methods o ...
Added by tomwerner on Mon, 28 Feb 2022 11:01:29 +0200
JVM -- garbage collection
2, Garbage recycling
How to judge whether an object can be recycled Garbage collection algorithm Generational waste recycling Garbage collector Garbage collection tuning
1. How to judge whether an object can be recycled
1.1 reference counting method
Disadvantages:
1.2 reachability analysis algorithm
The garbage collector in Java v ...
Added by karthikeyan_coder on Sun, 27 Feb 2022 08:55:45 +0200
Class loader
Learning objectives
Through the analysis of source code level, understand the direct relationship between the three loaders and the understanding of parental delegation mechanism
Introduction to class loader
The design team of Java virtual machine intentionally put the binary byte stream describing a class obtained through the full class ...
Added by paulbrown83 on Sat, 26 Feb 2022 14:21:49 +0200
JVM parameters and memory model
1. Why should we optimize the jvm?
In the local development environment, we rarely encounter the need to optimize the jvm, but in the production environment, we may have the following requirements:
The running application is "stuck", the log does not output, and the program does not respond The CPU load of the server suddenly incr ...
Added by DarkHavn on Wed, 23 Feb 2022 13:03:37 +0200