commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebb (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (VALIDATOR-334) UrlValidator: isValidAuthority() returning true when supplied authority validator fails
Date Sat, 03 Jan 2015 02:27:34 GMT

    [ https://issues.apache.org/jira/browse/VALIDATOR-334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14263386#comment-14263386
] 

Sebb commented on VALIDATOR-334:
--------------------------------

The code was introduced in VALIDATOR-248 as a way to allow authority overrides.

So I think it is behaving correctly, but I agree the Javadoc does not make it clear what the
function of the regex is

> UrlValidator: isValidAuthority() returning true when supplied authority validator fails
> ---------------------------------------------------------------------------------------
>
>                 Key: VALIDATOR-334
>                 URL: https://issues.apache.org/jira/browse/VALIDATOR-334
>             Project: Commons Validator
>          Issue Type: Bug
>          Components: Routines
>    Affects Versions: 1.4.0 Release
>            Reporter: Scott Franson
>
> When UrlValidator is supplied an authority validator, if the authority fails the authority
validator, but is an otherwise valid authority, the UrlValidator reports the URL is valid.
Here is a test case:
> {code}
>     @Test
>     public void testUrlValidator() throws Exception {
>         String regex = ".*amazon\\.com";
>         RegexValidator authorityValidator = new RegexValidator(regex);
>         UrlValidator validator = new UrlValidator(authorityValidator, UrlValidator.ALLOW_ALL_SCHEMES);
>         assertThat("amazon.com", Pattern.matches(regex, "amazon.com"), is(true));
>         assertThat("google.com", Pattern.matches(regex, "google.com"), is(false));
>         assertThat("amazon.com", authorityValidator.isValid("amazon.com"), is(true));
>         assertThat("google.com", authorityValidator.isValid("google.com"), is(false));
>         assertThat("amazon.com", validator.isValid("http://amazon.com/somepath"), is(true));
>         assertThat("google.com", validator.isValid("http://google.com/somepath"), is(false));
  // fails
>     }
> {code}
> It appears that UrlAuthority.isValidAuthority() will return true if the URL passes the
authorityValidator (line 365). But if the URL fails the authorityValidator, it can still pass
the other validation checks. Shouldn't the validation fail if the URL fails the authorityValidator,
regardless if it is an otherwise valid authority?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message