commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Scott Franson (JIRA)" <j...@apache.org>
Subject [jira] [Created] (VALIDATOR-334) UrlValidator: isValidAuthority() returning true when supplied authority validator fails
Date Wed, 26 Mar 2014 05:52:17 GMT
Scott Franson created VALIDATOR-334:
---------------------------------------

             Summary: UrlValidator: isValidAuthority() returning true when supplied authority
validator fails
                 Key: VALIDATOR-334
                 URL: https://issues.apache.org/jira/browse/VALIDATOR-334
             Project: Commons Validator
          Issue Type: Bug
          Components: Routines
    Affects Versions: 1.4.0 Release
            Reporter: Scott Franson


When UrlValidator is supplied an authority validator, if the authority fails the authority
validator, but is an otherwise valid authority, the UrlValidator reports the URL is valid.
Here is a test case:
{code}
    @Test
    public void testUrlValidator() throws Exception {
        String regex = ".*amazon\\.com";
        RegexValidator authorityValidator = new RegexValidator(regex);
        UrlValidator validator = new UrlValidator(authorityValidator, UrlValidator.ALLOW_ALL_SCHEMES);

        assertThat("amazon.com", Pattern.matches(regex, "amazon.com"), is(true));
        assertThat("google.com", Pattern.matches(regex, "google.com"), is(false));

        assertThat("amazon.com", authorityValidator.isValid("amazon.com"), is(true));
        assertThat("google.com", authorityValidator.isValid("google.com"), is(false));

        assertThat("amazon.com", validator.isValid("http://amazon.com/somepath"), is(true));
        assertThat("google.com", validator.isValid("http://google.com/somepath"), is(false));
  // fails
    }
{code}

It appears that UrlAuthority.isValidAuthority() will return true if the URL passes the authorityValidator
(line 365). But if the URL fails the authorityValidator, it can still pass the other validation
checks. Shouldn't the validation fail if the URL fails the authorityValidator, regardless
if it is an otherwise valid authority?



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message