FreshMarker und OWASP

It will come as no surprise that FreshMarker, like all other template engines, must take precautions against template injection. Template injection is a security vulnerability that occurs when an application handles templates insecurely. Templates are prefabricated files or strings with placeholders that are replaced by data from users or other sources. Similar to FreeMarker, FreshMarker also has an escape mechanism that detects special characters in the interpolations using a harmless variant. If the standard mechanism is not enough, OWASP can help out.

Jackson Bitrate Support with JSR 385

Java Bibliotheken

Many interesting libraries are created through the Java Specification Requests process. Many of them are incorporated directly into the JDK, but some exist as independent libraries. Some time ago I wrote about the Moneta library. This article is about a Jackson use case for Indriya, the JSR 385 (Units of Measurement API) reference implementation.

FreshMarker Performance (2)

In the first article on FreshMarker performance, some of the template engine’s speed problems were addressed. The benchmark showed a tripling of the speed for these adjustments. In this article, the use of Reflections will be removed, which is certainly also of interest outside of a template engine.

FreshMarker Performance (1)

FreshMarker started as an academic project. The main aim was to show how a template engine can be created. At some point, however, the question arose as to how fast the template engine actually is. To be honest, it has been slow so far. But first things first.

FreshMarkers Roman Numbers

FreshMarker is quite a small library, about 475 KB in size. Therefore there is always room to make a few small additions. One of these is the display of numbers and loop variables with Roman numerals.

Library Updates

Java Bibliotheken

The Java libraries Holidays and Telephone are now available with Java 21 support under version 1.0.0 on Maven Central.

Partial Template Reduction (3)

At the end of the summer vacation, here is the last post on the topic of Partial Template Reduction for the time being. The basic algorithm was presented in the first two articles. In this article, the missing variable support is added.

Partial Template Reduktion (2)

In the first article on the implementation of the Partial Template Reduction feature, a few basic functions were created. This part deals with the implementation for the If-, Switch- and List- Directives.

Null Equality in Templates

This is an article that reports directly from the bowels of FreshMarker. It is therefore mainly worthwhile for readers who want to know a little more about how FreshMarker works.

FreshMarker Money Support

Anyone working with monetary amounts in Java should definitely take a look at the Moneta project. A long time ago there was an article on this subject – JSR 354 – Your number for the money. Surprisingly, however, I had forgotten about Moneta support for FreshMarker. I’ll make up for that now.