cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Decker (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-7456) empty query string injects into enum type will lead 404 error
Date Thu, 27 Jul 2017 16:09:00 GMT

    [ https://issues.apache.org/jira/browse/CXF-7456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16103394#comment-16103394
] 

Michael Decker commented on CXF-7456:
-------------------------------------

Also I tried to use a ParameterConverter, but it does not solve the issue.

I checked the code:
    --- SNIP ---
    public static <T> T handleParameter(String value, 
...
        Object result = null;
        try {
            result = createFromParameterHandler(value, pClass, genericType, paramAnns, message);
        } catch (IllegalArgumentException nfe) {
            throw createParamConversionException(pType, nfe);
        }
        if (result != null) {
            T theResult = null;
            if (pClass.isPrimitive()) {
                theResult = (T)result;
            } else {
                theResult = pClass.cast(result);
            }
            return theResult;
        }
...
        if (result == null) {
            // check for valueOf(String) static methods
            String[] methodNames = cls.isEnum() 
                ? new String[] {"fromString", "fromValue", "valueOf"} 
                : new String[] {"valueOf", "fromString"};
            result = evaluateFactoryMethods(value, pType, result, cls, methodNames);
        }
    --- SNIP ---

So only if "createFromParameterHandler" returns something else than null, it will be considered
as a proper value, even if I had a custom ParamConverter in place.
So it does not return the "null", but continue and calls eventually "valueOf" again.

So also if ParamConverter return null the method handleParameter does not consider it as a
valid value, even it does return null, if the value was null, so null seems to be a valid
value in general:
    --- SNIP ---
    public static <T> T handleParameter(String value, 
        if (value == null) {
            return null;
        }
...
    --- SNAP ---

> empty query string injects into enum type will lead 404 error
> -------------------------------------------------------------
>
>                 Key: CXF-7456
>                 URL: https://issues.apache.org/jira/browse/CXF-7456
>             Project: CXF
>          Issue Type: Bug
>          Components: Core, JAX-RS
>    Affects Versions: 3.1.11
>            Reporter: Michael Decker
>
> This issue is similar to CXF-7307.
> The http request:
> GET /demo-provider/v1.0/users/beanparam?a= HTTP/1.1
> HOST: localhost:8080
> accept: application/json
> content-type: application/json
> The resource method returns null:
> public String beanParam(@QueryParam("a") MyEnum a)
> { return ""+a; }
> javax.ws.rs.ClientErrorException: HTTP 404 Not Found
> {{
> 2017-07-27 14:51:34.325 [Default Executor-thread-117] DEBUG d.k.i.a.e.h.WebApplicationExceptionHandler
toResponse[30]: Build webapplication error response [exceptionMessage=HTTP 404 Not Found]
> javax.ws.rs.WebApplicationException: HTTP 404 Not Found
> 	at org.apache.cxf.jaxrs.utils.InjectionUtils.evaluateFactoryMethods(InjectionUtils.java:546)
> 	at org.apache.cxf.jaxrs.utils.InjectionUtils.handleParameter(InjectionUtils.java:457)
> 	at org.apache.cxf.jaxrs.utils.InjectionUtils.injectIntoCollectionOrArray(InjectionUtils.java:931)
> 	at org.apache.cxf.jaxrs.utils.InjectionUtils.createParameterObject(InjectionUtils.java:1003)
> 	at org.apache.cxf.jaxrs.utils.JAXRSUtils.readQueryString(JAXRSUtils.java:1192)
> 	at org.apache.cxf.jaxrs.utils.JAXRSUtils.createHttpParameterValue(JAXRSUtils.java:868)
> 	at org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameter(JAXRSUtils.java:838)
> 	at org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameters(JAXRSUtils.java:789)
> 	at org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.processRequest(JAXRSInInterceptor.java:212)
> 	at org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.handleMessage(JAXRSInInterceptor.java:77)
> 	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
> 	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> 	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:262)
> 	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
> 	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
> 	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
> 	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:180)
> 	at de.CXFServlet.invoke(CXFServlet.java:71)
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:299)
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:223)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:575)
> 	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:274)
> 	at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1290)
> ...
> 	at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.IllegalArgumentException: No enum constant de.MyEnum.
> 	at java.lang.Enum.valueOf(Enum.java:236)
> 	at de.MyEnum.valueOf(EndpointType.java:1)
> 	at sun.reflect.GeneratedMethodAccessor1111.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java)
> 	at java.lang.reflect.Method.invoke(Method.java:606)
> 	at org.apache.cxf.jaxrs.utils.InjectionUtils.evaluateFactoryMethod(InjectionUtils.java:560)
> 	at org.apache.cxf.jaxrs.utils.InjectionUtils.evaluateFactoryMethods(InjectionUtils.java:527)
> 	... 51 common frames omitted
> }}
>     
>     
> org.apache.cxf.jaxrs.utils.InjectionUtils.handleParameter(String, boolean, Class<T>,
Type, Annotation[], ParameterType, Message)
>     -> calls org.apache.cxf.jaxrs.utils.InjectionUtils.evaluateFactoryMethods(String,
ParameterType, Object, Class<?>, String[])
>         using "fromString", "fromValue", "valueOf"
>         -> evaluateFactoryMethods continues with next method, if the first method
returns null
>             -> as "fromString" returns "null" now (it is implemented), "fromValue"
does not exists, it calls "valueOf" and that one cannot handle null, empty or blank Strings
>     -> and even, if evaluateFactoryMethods would return null, the handleParameter
contains this check, that forbids null:
>         --- SNIP ---
>             if (result == null) {
>                 reportServerError("WRONG_PARAMETER_TYPE", pClass.getName());
>             }
>         --- SNAP ---



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message