FreshMarker und OWASP

It will come as no surprise that FreshMarker, like all other template engines, must take precautions against template injection. Template injection is a security vulnerability that occurs when an application handles templates insecurely. Templates are prefabricated files or strings with placeholders that are replaced by data from users or other sources. Similar to FreeMarker, FreshMarker also has an escape mechanism that detects special characters in the interpolations using a harmless variant. If the standard mechanism is not enough, OWASP can help out.

FreshMarker Performance (2)

In the first article on FreshMarker performance, some of the template engine’s speed problems were addressed. The benchmark showed a tripling of the speed for these adjustments. In this article, the use of Reflections will be removed, which is certainly also of interest outside of a template engine.

FreshMarker Performance (1)

FreshMarker started as an academic project. The main aim was to show how a template engine can be created. At some point, however, the question arose as to how fast the template engine actually is. To be honest, it has been slow so far. But first things first.

FreshMarkers Roman Numbers

FreshMarker is quite a small library, about 475 KB in size. Therefore there is always room to make a few small additions. One of these is the display of numbers and loop variables with Roman numerals.

Partial Template Reduction (3)

At the end of the summer vacation, here is the last post on the topic of Partial Template Reduction for the time being. The basic algorithm was presented in the first two articles. In this article, the missing variable support is added.

Partial Template Reduktion (2)

In the first article on the implementation of the Partial Template Reduction feature, a few basic functions were created. This part deals with the implementation for the If-, Switch- and List- Directives.

Null Equality in Templates

This is an article that reports directly from the bowels of FreshMarker. It is therefore mainly worthwhile for readers who want to know a little more about how FreshMarker works.

FreshMarker Money Support

Anyone working with monetary amounts in Java should definitely take a look at the Moneta project. A long time ago there was an article on this subject – JSR 354 – Your number for the money. Surprisingly, however, I had forgotten about Moneta support for FreshMarker. I’ll make up for that now.

FreshMarker Partial Template Reduction

Some blog posts are about ideas and not solutions. This has the pleasant advantage for the author that the content of the contribution does not (yet) have to work. It also saves the developer work if the audience does not appreciate the topic. When working with templates, there are always a number of variables that are processed in a template with always the same value. It would be nice if you could save computing time there.

FreshMarker Sorted Hash Lists

I really like it when I can add new features to FreshMarker, especially if they are easy to implement and integrate elegantly into the overall system.