Updated Branches: refs/heads/master b91154ea0 -> 4ee5ad1fb
WICKET-4511 Stack overflow when render malformed html. Project: http://git-wip-us.apache.org/repos/asf/wicket/repo Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/4ee5ad1f Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/4ee5ad1f Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/4ee5ad1f Branch: refs/heads/master Commit: 4ee5ad1fbd7e7e9b3c0935f9b07e1350ecefd1cb Parents: b91154e Author: Martin Tzvetanov Grigorov <[email protected]> Authored: Fri Apr 27 15:23:27 2012 +0300 Committer: Martin Tzvetanov Grigorov <[email protected]> Committed: Fri Apr 27 15:24:41 2012 +0300 ---------------------------------------------------------------------- .../parser/filter/HtmlHeaderSectionHandler.java | 28 ++++++-- .../filter/HtmlHeaderSectionHandlerTest.java | 54 +++++++++++++++ 2 files changed, 77 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/wicket/blob/4ee5ad1f/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java ---------------------------------------------------------------------- diff --git a/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java b/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java index 5d7cd84..1b2ac8e 100644 --- a/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java +++ b/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java @@ -21,6 +21,8 @@ import java.text.ParseException; import org.apache.wicket.markup.ComponentTag; import org.apache.wicket.markup.Markup; import org.apache.wicket.markup.MarkupElement; +import org.apache.wicket.markup.MarkupException; +import org.apache.wicket.markup.MarkupStream; import org.apache.wicket.markup.parser.AbstractMarkupFilter; import org.apache.wicket.markup.parser.XmlTag.TagType; @@ -46,6 +48,9 @@ public final class HtmlHeaderSectionHandler extends AbstractMarkupFilter /** True if <head> has been found already */ private boolean foundHead = false; + /** True if </head> has been found already */ + private boolean foundClosingHead = false; + /** True if all the rest of the markup file can be ignored */ private boolean ignoreTheRest = false; @@ -78,15 +83,20 @@ public final class HtmlHeaderSectionHandler extends AbstractMarkupFilter if (tag.getNamespace() == null) { // we found <head> - if (tag.isClose()) + if (tag.isOpen()) { foundHead = true; + + if (tag.getId() == null) + { + tag.setId(HEADER_ID); + tag.setAutoComponentTag(true); + tag.setModified(true); + } } - else if (tag.getId() == null) + else if (tag.isClose()) { - tag.setId(HEADER_ID); - tag.setAutoComponentTag(true); - tag.setModified(true); + foundClosingHead = true; } return tag; @@ -95,10 +105,18 @@ public final class HtmlHeaderSectionHandler extends AbstractMarkupFilter { // we found <wicket:head> foundHead = true; + foundClosingHead = true; } } else if (BODY.equalsIgnoreCase(tag.getName()) && (tag.getNamespace() == null)) { + // WICKET-4511: We found <body> inside <head> tag. Markup is not valid! + if (foundHead && !foundClosingHead) + { + throw new MarkupException(new MarkupStream(markup), + "Invalid page markup. Tag <BODY> found inside <HEAD>"); + } + // We found <body> if (foundHead == false) { http://git-wip-us.apache.org/repos/asf/wicket/blob/4ee5ad1f/wicket-core/src/test/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandlerTest.java ---------------------------------------------------------------------- diff --git a/wicket-core/src/test/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandlerTest.java b/wicket-core/src/test/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandlerTest.java new file mode 100644 index 0000000..e85a995 --- /dev/null +++ b/wicket-core/src/test/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandlerTest.java @@ -0,0 +1,54 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.wicket.markup.parser.filter; + +import org.apache.wicket.MarkupContainer; +import org.apache.wicket.WicketTestCase; +import org.apache.wicket.markup.IMarkupResourceStreamProvider; +import org.apache.wicket.markup.MarkupException; +import org.apache.wicket.markup.html.WebPage; +import org.apache.wicket.util.resource.IResourceStream; +import org.apache.wicket.util.resource.StringResourceStream; +import org.junit.Test; + +public class HtmlHeaderSectionHandlerTest extends WicketTestCase +{ + /** + * https://issues.apache.org/jira/browse/WICKET-4511 + * + * Asserts that HtmlHeaderSectionHandler throws a MarkupException if a <BODY> tag is found + * inside <HEAD> + * + * @throws Exception + */ + @Test(expected = MarkupException.class) + public void loadMarkupWithBodyInsideHead() throws Exception + { + CustomMarkupPage customMarkupPage = new CustomMarkupPage(); + tester.startPage(customMarkupPage); + } + + private static class CustomMarkupPage extends WebPage implements IMarkupResourceStreamProvider + { + public IResourceStream getMarkupResourceStream(MarkupContainer container, + Class<?> containerClass) + { + // <head> is not closed before <body> + return new StringResourceStream("<html><head><body>bad markup!</body></head></html>"); + } + } +}
