Profiling @ JVisualVM

This is one of the useful, free utilities that come in the JDK bundle. It’s basically a JMX client application. It helps us to shows stats and improve the application performance after analyzing Memory leaks, Heap data, Garbage Collector, and CPU profiling/consumption. With features like thread analysis and head dump analysis, it is very handy in solving run-time problems, too.

To enable JVisualVM to collect stats of application hosted on a remote server, we have to run our application with JMX System properties. They are as follows:

  • is used to specify the port number through which the application will be exposed
  • is used to specify whether secure sockets layer (SSL) encryption will be activated to secure the connection to the application
  • is used to specify whether the connection will be password protected

Finally, our Jar command will look like:-

java -jar myApplication.jar

Now, we can run jvisualVM from path c:\oracle\bin\jvisualvm and add remote host for an application and could start Profiling.


Cross-Site Scripting vulnerability

When comparing data that may be locale-dependent, an appropriate locale should be specified in code and that’s how Cross-Site Scripting vulnerability could be avoided.

import java.util.Locale;
public String anyMethodName(String dataSet){
	return null;

How to enable Garbage Collector Logs

The garbage collector provides automatic memory management. It keeps track of all objects instantiated within a JVM and removes the ones that are no longer used. That is a highly complex task, and there are several different garbage collector implementations available.

In general, the garbage collection process in Java is very efficient. It’s so efficient that there are lots of applications that use the default implementation with its standard configuration. But if your application has to handle the high load or uses lots of complex object structures, the performance of your application might decrease over time. That often happens when the garbage collector needs to spend more and more time to manage the available memory. The garbage collector log provides you with the necessary information to analyze all garbage collector activities.

The garbage collector log is deactivated by default. You need to activate it with a set of command line properties.

If you’re using JDK 8 or earlier, you can do that using the following properties:
-XX:+PrintGCDetails -Xloggc:

Starting with JDK 9, you need to use the following properties instead:

After you started your application with these command line properties, your garbage collector will write detailed information about all operations. Unfortunately, the content and format of the generated garbage collector log depend on the vendor and version of your JVM and the garbage collection algorithm.

Purpose of [^\x20-\x7E] in Regular Expressions

Purpose of [^\x20-\x7E] in Regular Expressions defines all characters that are not (^) in the range \x20-\x7E (hex 0x20 to 0x7E). According to, those are characters from ‘space’ to ‘~’. Hence, given below Java code will work very efficiently:-

String updateMessage = message.replaceAll("[^\\x20-\\x7e]", "");

Happy Coding !!