contentstack
diff --git a/‎src/main/java/com/contentstack/sdk/AssetLibrary.java
+46-7 b/‎src/main/java/com/contentstack/sdk/AssetLibrary.java
+46-7
diff --git a/‎src/main/java/com/contentstack/sdk/AssetsModel.java
+3-1 b/‎src/main/java/com/contentstack/sdk/AssetsModel.java
+3-1
diff --git a/‎src/main/java/com/contentstack/sdk/CSConnectionRequest.java
+3-3 b/‎src/main/java/com/contentstack/sdk/CSConnectionRequest.java
+3-3
diff --git a/‎src/main/java/com/contentstack/sdk/ContentTypesModel.java
+12-2 b/‎src/main/java/com/contentstack/sdk/ContentTypesModel.java
+12-2
diff --git a/‎src/main/java/com/contentstack/sdk/EntryModel.java
+40-19 b/‎src/main/java/com/contentstack/sdk/EntryModel.java
+40-19
@@ -31,6 +31,31 @@ protected void setStackInstance(@NotNull Stack stack) {
         this.headers = stack.headers;
     }
 
+    //Sanitization of keys
+    private boolean isValidKey(String key) {
+        return key.matches("^[a-zA-Z0-9_.]+$");
+    }
+
+    //Sanitization of values
+    private boolean isValidValue(Object value) {
+        if(value instanceof String){
+            return ((String) value).matches("^[a-zA-Z0-9_.\\-\\s]+$");
+        }
+        return true;
+    }
+
+    //Sanitization of values list
+    private boolean isValidValueList(Object[] values) {
+        for (Object value : values) {
+            if (value instanceof String) {
+                if (!((String) value).matches("^[a-zA-Z0-9_.\\-\\s]+$")) {
+                    return false;
+                }
+            }
+        }
+        return true;
+    }
+
     /**
      * Sets header.
      *
@@ -151,7 +176,11 @@ public int getCount() {
      *         </pre>
      */
     public AssetLibrary addParam(@NotNull String paramKey, @NotNull Object paramValue) {
-        urlQueries.put(paramKey, paramValue);
+        if (isValidKey(paramKey) && isValidValue(paramValue)) {
+            urlQueries.put(paramKey, paramValue);
+        } else {
+            logger.warning("Invalid key or value");
+        }
         return this;
     }
 
@@ -172,8 +201,12 @@ public AssetLibrary addParam(@NotNull String paramKey, @NotNull Object paramValu
      *         </pre>
      */
     public AssetLibrary removeParam(@NotNull String paramKey){
-         if(urlQueries.has(paramKey)){
-            urlQueries.remove(paramKey);
+         if(isValidKey(paramKey)) {
+            if(urlQueries.has(paramKey)){
+                urlQueries.remove(paramKey);
+            }
+        } else {
+            logger.warning("Invalid key");
         }
         return this;
     }
@@ -255,7 +288,9 @@ private HashMap<String, Object> getUrlParams(JSONObject urlQueriesJSON) {
             while (iter.hasNext()) {
                 String key = iter.next();
                 Object value = urlQueriesJSON.opt(key);
-                hashMap.put(key, value);
+                if(isValidKey(key) && isValidValue(value)) {
+                    hashMap.put(key, value);
+                }
             }
         }
         return hashMap;
@@ -311,9 +346,13 @@ public enum ORDERBY {
     }
 
     public AssetLibrary where(String key, String value) {
-        JSONObject queryParams= new JSONObject();
-        queryParams.put(key,value);
-        urlQueries.put("query", queryParams);
+        if(isValidKey(key) && isValidValue(value)){  
+            JSONObject queryParams = new JSONObject();
+            queryParams.put(key,value);
+            urlQueries.put("query", queryParams);
+        } else {
+            throw new IllegalArgumentException("Invalid key or value");
+        }
         return this;
     }
 
 
@@ -20,10 +20,12 @@ class AssetsModel {
      */
     public AssetsModel(JSONObject response) {
         JSONArray listResponse = null;
-        Object rawAssets = response.get("assets"); // Get assets
+        Object rawAssets = response.opt("assets"); // Get assets
         if (rawAssets instanceof List) {  // Check if it's an ArrayList
             List<?> assetsList = (List<?>) rawAssets;
             listResponse = new JSONArray(assetsList); // Convert to JSONArray
+        } else if (rawAssets != null) {
+            throw new IllegalArgumentException("Invalid type for 'assets' key: " + rawAssets.getClass().getName());
         }
         if (listResponse != null) {
             listResponse.forEach(model -> {
 
@@ -83,7 +83,7 @@ public void setParams(Object... objects) {
     }
 
     @Override
-    public void sendRequest() {
+    public synchronized void sendRequest() {
         CSHttpConnection connection = new CSHttpConnection(urlToCall, this);
         connection.setController(controller);
         connection.setHeaders(header);
@@ -99,7 +99,7 @@ public void sendRequest() {
     }
 
     @Override
-    public void onRequestFailed(JSONObject error, int statusCode, ResultCallBack callBackObject) {
+    public synchronized void onRequestFailed(JSONObject error, int statusCode, ResultCallBack callBackObject) {
         Error errResp = new Error();
         if (error.has(ERROR_MESSAGE)) {
             String errMsg = error.optString(ERROR_MESSAGE);
@@ -119,7 +119,7 @@ public void onRequestFailed(JSONObject error, int statusCode, ResultCallBack cal
     }
 
     @Override
-    public void onRequestFinished(CSHttpConnection request) {
+    public synchronized void onRequestFinished(CSHttpConnection request) {
         JSONObject jsonResponse = request.getResponse();
         if (request.getController().equalsIgnoreCase(Constants.QUERYOBJECT)) {
             EntriesModel model = new EntriesModel(jsonResponse);
 
@@ -20,10 +20,15 @@ public void setJSON(JSONObject responseJSON) {
         if (responseJSON != null) {
             String ctKey = "content_type";
             if (responseJSON.has(ctKey) && responseJSON.opt(ctKey) instanceof LinkedHashMap) {
-                this.response = new JSONObject((LinkedHashMap<?, ?>) responseJSON.get(ctKey));
+                try {
+                    this.response = new JSONObject((LinkedHashMap<?, ?>) responseJSON.get(ctKey));
+                } catch (Exception e) {
+                    System.err.println("Error processing 'content_type': " + e.getMessage());
+                }
             }
             String ctListKey = "content_types";
             if (responseJSON.has(ctListKey) && responseJSON.opt(ctListKey) instanceof ArrayList) {
+               try {
                 ArrayList<LinkedHashMap<?, ?>> contentTypes = (ArrayList) responseJSON.get(ctListKey);
                 List<Object> objectList = new ArrayList<>();
                 if (!contentTypes.isEmpty()) {
@@ -32,13 +37,18 @@ public void setJSON(JSONObject responseJSON) {
                             // Convert LinkedHashMap to JSONObject
                             JSONObject jsonModel = new JSONObject((LinkedHashMap<?, ?>) model);
                             objectList.add(jsonModel);
+                        } else {
+                            System.err.println("Invalid type in 'content_types' list. Expected LinkedHashMap.");
                         }
                     });
                 }
                 this.response = new JSONArray(objectList);
                 this.responseJSONArray = new JSONArray(objectList);
-            }
+            } catch (Exception e) {
+            System.err.println("Error processing 'content_types': " + e.getMessage());
         }
+      }
+    }
     }
 
     public Object getResponse() {
 
@@ -46,29 +46,47 @@ public EntryModel(JSONObject response) {
         }
 
         if (this.jsonObject.has(UID_KEY)) {
-            this.uid = (String) this.jsonObject.opt(UID_KEY);
+            this.uid = this.jsonObject.optString(UID_KEY, null);
         }
         if (this.jsonObject.has(TITLE_KEY)) {
-            this.title = (String) this.jsonObject.opt(TITLE_KEY);
+            this.title = this.jsonObject.optString(TITLE_KEY, null);
         }
         if (this.jsonObject.has(LOCALE_KEY)) {
-            this.language = (String) this.jsonObject.opt(LOCALE_KEY);
+            this.language = this.jsonObject.optString(LOCALE_KEY,null);
         }
         if (this.jsonObject.has(URL_KEY)) {
-            this.url = (String) this.jsonObject.opt(URL_KEY);
+            this.url = this.jsonObject.optString(URL_KEY,null);
         }
         if (this.jsonObject.has("description")) {
-            this.description = this.jsonObject.opt("description");
-        }
-        this.images = (JSONArray) this.jsonObject.opt("images");
-        this.isDirectory = (Boolean) this.jsonObject.opt("is_dir");
-        this.updatedAt = (String) this.jsonObject.opt("updated_at");
-        this.updatedBy = (String) this.jsonObject.opt("updated_by");
-        this.createdAt = (String) this.jsonObject.opt("created_at");
-        this.createdBy = (String) this.jsonObject.opt("created_by");
-        this.locale = (String) this.jsonObject.opt(LOCALE_KEY);
-        this.inProgress = (Boolean) this.jsonObject.opt("_in_progress");
-        this.version = this.jsonObject.opt("_version") != null ? (int) this.jsonObject.opt("_version") : 1;
+            this.description = this.jsonObject.optString("description");
+        }
+        if(this.jsonObject.has("images") && this.jsonObject.opt("images") instanceof JSONArray) {
+            this.images = this.jsonObject.optJSONArray("images");
+        }
+        if(this.jsonObject.has("is_dir") && this.jsonObject.opt("is_dir") instanceof Boolean) {
+            this.isDirectory = this.jsonObject.optBoolean("is_dir");
+        }
+        if(this.jsonObject.has("updated_at")) {
+            this.updatedAt = this.jsonObject.optString("updated_at");
+        }
+        if(this.jsonObject.has("updated_by")) {
+            this.updatedBy = this.jsonObject.optString("updated_by");
+        }
+        if(this.jsonObject.has("created_at")) {
+            this.createdAt = this.jsonObject.optString("created_at");
+        }
+        if(this.jsonObject.has("created_by")) {
+            this.createdBy = this.jsonObject.optString("created_by");
+        }
+        if(this.jsonObject.has(LOCALE_KEY)) {
+            this.locale = this.jsonObject.optString(LOCALE_KEY);
+        }
+        if(this.jsonObject.has("_in_progress") && this.jsonObject.opt("_in_progress") instanceof Boolean) {
+            this.inProgress = this.jsonObject.optBoolean("_in_progress");
+        }
+        if(this.jsonObject.has("_version") && this.jsonObject.opt("_version") instanceof Integer) {
+            this.version = this.jsonObject.optInt("_version",1);
+        }   
         if (this.jsonObject.has(PUBLISH_DETAIL_KEY)) {
             parsePublishDetail();
         }
@@ -77,12 +95,15 @@ public EntryModel(JSONObject response) {
 
     private void parsePublishDetail() {
         if (this.jsonObject.opt(PUBLISH_DETAIL_KEY) instanceof JSONObject) {
-            this.publishDetails = (JSONObject) this.jsonObject.opt(PUBLISH_DETAIL_KEY);
-            this.environment = this.publishDetails.optString("environment");
-            this.time = this.publishDetails.optString("time");
-            this.user = this.publishDetails.optString("user");
+            this.publishDetails = this.jsonObject.optJSONObject(PUBLISH_DETAIL_KEY);
+            if(this.publishDetails != null) {
+                this.environment = this.publishDetails.optString("environment");
+                this.time = this.publishDetails.optString("time");
+                this.user = this.publishDetails.optString("user");
+            }
         }
         this.metadata = new HashMap<>();
         this.metadata.put(PUBLISH_DETAIL_KEY, this.publishDetails);
     }
 }
+