river-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From peter_firmst...@apache.org
Subject svn commit: r1360396 - in /river/jtsk/trunk: src/org/apache/river/api/security/DefaultPolicyParser.java src/org/apache/river/api/security/UriString.java test/src/org/apache/river/api/security/UriStringTest.java
Date Wed, 11 Jul 2012 20:58:03 GMT
Author: peter_firmstone
Date: Wed Jul 11 20:58:02 2012
New Revision: 1360396

URL: http://svn.apache.org/viewvc?rev=1360396&view=rev
Log:
Windows platforms have issues with file name paths, illegal characters need to be escaped,
this requires further work, not as simple as I originally thought.  This is for testing on
hudson

Added:
    river/jtsk/trunk/src/org/apache/river/api/security/UriString.java
    river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java
Modified:
    river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java

Modified: river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java
URL: http://svn.apache.org/viewvc/river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java?rev=1360396&r1=1360395&r2=1360396&view=diff
==============================================================================
--- river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java (original)
+++ river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java Wed Jul 11
20:58:02 2012
@@ -204,13 +204,13 @@ class DefaultPolicyParser implements Pol
                     Collection<String> cbstr = expandURLs(cb, system);
                     Iterator<String> it = cbstr.iterator();
                     while (it.hasNext()){
-                        codebases.add(new URI(it.next()));
+                        codebases.add(new URI(UriString.escapeIllegalCharacters(it.next())));
                     }
                 } catch (ExpansionFailedException e) {
-                    codebases.add(new URI(cb));
+                    codebases.add(new URI(UriString.escapeIllegalCharacters(cb)));
                 }
             } else {
-                codebases.add(new URI(cb));
+                codebases.add(new URI(UriString.escapeIllegalCharacters(cb)));
             }
         }
         if ( signerString != null) {

Added: river/jtsk/trunk/src/org/apache/river/api/security/UriString.java
URL: http://svn.apache.org/viewvc/river/jtsk/trunk/src/org/apache/river/api/security/UriString.java?rev=1360396&view=auto
==============================================================================
--- river/jtsk/trunk/src/org/apache/river/api/security/UriString.java (added)
+++ river/jtsk/trunk/src/org/apache/river/api/security/UriString.java Wed Jul 11 20:58:02
2012
@@ -0,0 +1,104 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.river.api.security;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+
+/**
+ *
+ * @author Peter Firmstone.
+ */
+class UriString {
+    
+    private final static Map<Character,String> escaped = new HashMap<Character,String>();
+    
+    
+        // Allowed
+    private static char [] lowalpha = "abcdefghijklmnopqrstuvwxyz".toCharArray();
+    private static char [] upalpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZ".toCharArray();
+    private static char [] reserved = {';','/','?',':','@','&','=','+','$',','};
+    private static char [] mark = "-_.!~*'()".toCharArray();
+    private static char escape = '%';
+    private static char fragment = '#';
+    // Excluded
+    private static Character [] control = {
+        '\u0000','\u0001','\u0002','\u0003','\u0004','\u0005','\u0006','\u0007',
+        '\u0008','\u0009','\n',    '\u000B','\u000C','\r',    '\u000E','\u000F',
+        '\u0010','\u0011','\u0012','\u0013','\u0014','\u0015','\u0016','\u0017',
+        '\u0018','\u0019','\u001A','\u001B','\u001C','\u001D','\u001E','\u001F',
+        '\u007F'
+    };
+    private static String [] contEsc = {
+        "%00", "%01", "%02", "%03", "%04", "%05", "%06", "%07", 
+        "%08", "%09", "%0A", "%0B", "%0C", "%0D", "%0E", "%0F", 
+        "%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17", 
+        "%18", "%19", "%1A", "%1B", "%1C", "%1D", "%1E", "%1F",
+        "%7F"
+    };
+    private static Character space = '\u0020';
+    private static String spaceEsc = "%20";
+    // Excluded because they are often used as delimiters around URI
+    private static Character [] delims = {'<','>','"'};
+    private static String [] delimEsc = {"%3C", "%3E", "%22"};
+    // Excluded because gateways and other transport agents are known
+    // to sometimes modify such characters, or they are used as delimiters.
+    private static Character [] unwise = {'{','}','|','\\','^','[',']','`'};
+    private static String [] unwiseEsc = {"%7B", "%7D", "%7C", "%5C", 
+                                   "%53", "%5B", "%5D", "%60"};
+
+    
+    static {
+        escapes(control, contEsc);
+        escaped.put(space, spaceEsc);
+        escapes(delims, delimEsc);
+        escapes(unwise, unwiseEsc);
+    }
+    
+    static void escapes(Character [] unicode, String[] escape){
+        int l = unicode.length;
+        if (l != escape.length) throw new IllegalArgumentException("unequal arrays");
+        for (int i = 0; i < l; i++){
+            escaped.put(unicode[i], escape[i]);
+        }
+    }
+    
+    static String escapeIllegalCharacters(String url){
+        char [] u = url.toCharArray();
+        int l = u.length;
+//        for (int i = 0; i < l; i++){
+//            // Don't escape if already escaped.
+//            if (u[i] == escape) return url;
+//        }
+        StringBuilder sb = new StringBuilder();
+        for (int i=0; i<l; i++){
+            Character c = Character.valueOf(u[i]);
+            if (escaped.keySet().contains(c)){
+                sb.append(escaped.get(c));
+            } else {
+                sb.append(c);
+            }
+        }
+        return sb.toString();
+    }
+    
+}
+

Added: river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java
URL: http://svn.apache.org/viewvc/river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java?rev=1360396&view=auto
==============================================================================
--- river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java (added)
+++ river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java Wed Jul 11
20:58:02 2012
@@ -0,0 +1,50 @@
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.apache.river.api.security;
+
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+/**
+ *
+ * @author peter
+ */
+public class UriStringTest {
+    
+    public UriStringTest() {
+    }
+
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+    }
+
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+    }
+    
+    @Before
+    public void setUp() {
+    }
+    
+    @After
+    public void tearDown() {
+    }
+
+    /**
+     * Test of escapeIllegalCharacters method, of class UriString.
+     */
+    @Test
+    public void testEscapeIllegalCharacters() {
+        System.out.println("escapeIllegalCharacters");
+        String url = " ";
+        String expResult = "%20";
+        String result = UriString.escapeIllegalCharacters(url);
+        assertEquals(expResult, result);
+    }
+}



Mime
View raw message