Delete comment from: Java67
I am trying to understand point #2. Since String ref. variable will be used across the code. String objects are not mutable, but we can assign new malicious value to String reference Variable and hence that new value will be used across the code. e.g.
public class MyApi {
final String myUrl;
public MyApi(String urlString) {
// Verify that urlString points to an approved server
if (!checkApprovedUrl(urlString)) throw new IllegalArgumentException();
myUrl = urlString;
}
}
In the above code suppose some new value is assigned to urlString say after the if condition and which will be used across the code, thus compromising security. Please explain.
Thanks.
Jan 27, 2018, 4:57:26 PM
Posted to Why String is Immutable or final in Java - 5 Reasons