SyntaxFix

[java] How do I pass multiple parameter in URL?

I am trying to figure out how to pass multiple parameters in a URL. I want to pass latitude and longitude from my android class to a java servlet. How can I do that?

URL url;
double lat=touchedPoint.getLatitudeE6() / 1E6;
double lon=touchedPoint.getLongitudeE6() / 1E6;
url = new URL("http://10.0.2.2:8080/HelloServlet/PDRS?param1="+lat+lon);

In this case output (written to file) is 28.53438677.472097. This is working but I want to pass latitude and longitude in two separate parameters so that my work at server side is reduced. If it is not possible how can I at least add a space between lat & lon so that I can use tokenizer class to get my latitude and longitude. I tried following line but to no avail. 

    url = new URL("http://10.0.2.2:8080/HelloServlet/PDRS?param1="+lat+" "+lon);
output- Nothing is written to file
        url = new URL("http://10.0.2.2:8080/HelloServlet/PDRS?param1="+lat+"&?param2="+lon);
output- 28.534386 (Only Latitude)
        url = new URL("http://10.0.2.2:8080/HelloServlet/PDRS?param1="+lat+"?param2="+lon);
output- 28.532577?param2=77.502996

My servlet code is as follows:

req.setCharacterEncoding("UTF-8");
resp.setCharacterEncoding("UTF-8");
final String par1 =  req.getParameter("param1");
final String par2 = req.getParameter("param2");
FileWriter fstream = new FileWriter("C:\\Users\\Hitchhiker\\Desktop\\out2.txt");
BufferedWriter out = new BufferedWriter(fstream);
out.write(par1);
out.append(par2);
out.close();

Also I wanted to the know is this the most safe and secured way to pass the data from android device to server.

This question is related to java android url servlets

The answer is

I do not know much about Java but URL query arguments should be separated by "&", not "?"

http://tools.ietf.org/html/rfc3986 is good place for reference using "sub-delim" as keyword. http://en.wikipedia.org/wiki/Query_string is another good source.

You can pass multiple parameters as "?param1=value1&param2=value2"

But it's not secure. It's vulnerable to Cross Site Scripting (XSS) Attack.

Your parameter can be simply replaced with a script.

Have a look at this article and article

You can make it secure by using API of StringEscapeUtils

static String   escapeHtml(String str) 
          Escapes the characters in a String using HTML entities.

Even using https url for security without above precautions is not a good practice.

Have a look at related SE question:

Is URLEncoder.encode(string, "UTF-8") a poor validation?

Source: Stackoverflow.com

Examples related to java

Under what circumstances can I call findViewById with an Options Menu / Action Bar item? How much should a function trust another function How to implement a simple scenario the OO way Two constructors How do I get some variable from another class in Java? this in equals method How to split a string in two and store it in a field How to do perspective fixing? String index out of range: 4 My eclipse won't open, i download the bundle pack it keeps saying error log

Examples related to android

Under what circumstances can I call findViewById with an Options Menu / Action Bar item? How to implement a simple scenario the OO way My eclipse won't open, i download the bundle pack it keeps saying error log getting " (1) no such column: _id10 " error java doesn't run if structure inside of onclick listener Cannot retrieve string(s) from preferences (settings) strange error in my Animation Drawable how to put image in a bundle and pass it to another activity FragmentActivity to Fragment A failure occurred while executing com.android.build.gradle.internal.tasks

Examples related to url

What is the difference between URL parameters and query strings? Allow Access-Control-Allow-Origin header using HTML5 fetch API File URL "Not allowed to load local resource" in the Internet Browser Slack URL to open a channel from browser Getting absolute URLs using ASP.NET Core How do I load an HTTP URL with App Transport Security enabled in iOS 9? Adding form action in html in laravel React-router urls don't work when refreshing or writing manually URL for public Amazon S3 bucket How can I append a query parameter to an existing URL?

Examples related to servlets

Google Recaptcha v3 example demo Difference between request.getSession() and request.getSession(true) init-param and context-param java.lang.NoClassDefFoundError: org/json/JSONObject how to fix Cannot call sendRedirect() after the response has been committed? getting error HTTP Status 405 - HTTP method GET is not supported by this URL but not used `get` ever? Create a simple Login page using eclipse and mysql Spring get current ApplicationContext insert data into database using servlet and jsp in eclipse What is WEB-INF used for in a Java EE web application?

Tags

Xapian Nshost Nsprintoperation Java-native-interface Sieve Hgsubversion Itunes-app Dynamics-nav Styles Call-control Varcharmax Evb Data-layers Ironclad Prism Cppiechart Saxparseexception Armv6 Gitk Finalization Binsor Fixtures Case-expression Xml.etree Jmenupopup 6502 Capitalize Outline-view Gesture-recognition Nagios Camera-calibration Having-clause Portable-contacts Information-visualization Axiom Partial-classes Merge Jikes Kr-c Joauth Onupdate Ora-06502 Drop-shadow Command-execution Javax.swing.text Plist Dirent.h Py-amqplib Sharedservicesprovider Wacom Gdata-api Compatibility-level Xlsx Simpleadapter Authorize-attribute Text-indent Focusable Facebook-chat Supervisor-mode Opentype Nsubstitute Dtrace Log4j Run-length-encoding 256color Redmon Distutils Webchartcontrol Xml-literals Hibernate-validator Hibernate-criteria Oracle-home Doctrine-orm Guava Tail-recursion Threadabortexception Cfdirectory Ccl Remote-registry Flood-fill Scala-swing Tmp Nav Jquery-easing Applescript-objc Static-import Heap-randomization Telerik-reporting Ntext Endpoints Suppressmessage Reparsepoint Jaxp Tex Lightning Autofixture Outlining Tdataset Dataset Printk