oglueck 2004/09/30 10:26:27 Modified: httpclient/src/test/org/apache/commons/httpclient Tag: HTTPCLIENT_2_0_BRANCH TestURI.java httpclient/src/java/org/apache/commons/httpclient Tag: HTTPCLIENT_2_0_BRANCH HttpsURL.java HttpURL.java Log: Fixed escaping problem in userinfo: * Added test cases. * Changed the contract of all HttpURL and HttpsURL constructors accepting a userinfo field to expect the userinfo in URL escaped form. * Removed some code duplication. PR: 28728 Reviewed by: Michael Becke Revision Changes Path No revision No revision 1.4.2.7 +19 -9 jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestURI.java Index: TestURI.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestURI.java,v retrieving revision 1.4.2.6 retrieving revision 1.4.2.7 diff -u -r1.4.2.6 -r1.4.2.7 --- TestURI.java 14 May 2004 09:47:36 -0000 1.4.2.6 +++ TestURI.java 30 Sep 2004 17:26:27 -0000 1.4.2.7 @@ -188,11 +188,16 @@ assertEquals("http://localhost/", url.toString()); assertEquals("user:[EMAIL PROTECTED]", url.getAuthority()); - url = new HttpURL("user", "pass#", "localhost", 8080, "/"); + url = new HttpURL("user#@", "pass#@", "localhost", 8080, "/"); assertEquals("http://localhost:8080/", url.toString()); - assertEquals("user:pass#", url.getUserinfo()); - assertEquals("user:pass%23", url.getEscapedUserinfo()); + assertEquals("user#@:pass#@", url.getUserinfo()); + assertEquals("user%23%40:pass%23%40", url.getEscapedUserinfo()); + url = new HttpURL("user%23%40:pass%23%40", "localhost", 8080, "/"); + assertEquals("http://localhost:8080/", url.toString()); + assertEquals("user#@:pass#@", url.getUserinfo()); + assertEquals("user%23%40:pass%23%40", url.getEscapedUserinfo()); + url = new HttpURL("localhost", 8080, "/"); assertEquals("http://localhost:8080/", url.toString()); url.setRawUserinfo("user".toCharArray(), "password".toCharArray()); @@ -207,10 +212,15 @@ assertEquals("https://localhost/", url.toString()); assertEquals("user:[EMAIL PROTECTED]", url.getAuthority()); - url = new HttpsURL("user", "pass#", "localhost", 8080, "/"); + url = new HttpsURL("user#@", "pass#@", "localhost", 8080, "/"); + assertEquals("https://localhost:8080/", url.toString()); + assertEquals("user#@:pass#@", url.getUserinfo()); + assertEquals("user%23%40:pass%23%40", url.getEscapedUserinfo()); + + url = new HttpsURL("user%23%40:pass%23%40", "localhost", 8080, "/"); assertEquals("https://localhost:8080/", url.toString()); - assertEquals("user:pass#", url.getUserinfo()); - assertEquals("user:pass%23", url.getEscapedUserinfo()); + assertEquals("user#@:pass#@", url.getUserinfo()); + assertEquals("user%23%40:pass%23%40", url.getEscapedUserinfo()); url = new HttpsURL("localhost", 8080, "/"); assertEquals("https://localhost:8080/", url.toString()); No revision No revision 1.6.2.4 +45 -30 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpsURL.java Index: HttpsURL.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpsURL.java,v retrieving revision 1.6.2.3 retrieving revision 1.6.2.4 diff -u -r1.6.2.3 -r1.6.2.4 --- HttpsURL.java 14 May 2004 09:47:36 -0000 1.6.2.3 +++ HttpsURL.java 30 Sep 2004 17:26:27 -0000 1.6.2.4 @@ -122,7 +122,6 @@ */ public HttpsURL(String host, int port, String path) throws URIException { this(null, host, port, path, null, null); - checkValid(); } @@ -140,7 +139,6 @@ throws URIException { this(null, host, port, path, query, null); - checkValid(); } @@ -156,10 +154,7 @@ public HttpsURL(String user, String password, String host) throws URIException { - this((user == null) ? null : user - + ((password == null) ? "" : ':' + password), - host, -1, null, null, null); - checkValid(); + this(user, password, host, -1, null, null, null); } @@ -176,10 +171,7 @@ public HttpsURL(String user, String password, String host, int port) throws URIException { - this((user == null) ? null : user - + ((password == null) ? "" : ':' + password), - host, port, null, null, null); - checkValid(); + this(user, password, host, port, null, null, null); } @@ -197,10 +189,7 @@ public HttpsURL(String user, String password, String host, int port, String path) throws URIException { - this((user == null) ? null : user - + ((password == null) ? "" : ':' + password), - host, port, path, null, null); - checkValid(); + this(user, password, host, port, path, null, null); } @@ -219,10 +208,7 @@ public HttpsURL(String user, String password, String host, int port, String path, String query) throws URIException { - this((user == null) ? null : user - + ((password == null) ? "" : ':' + password), - host, port, path, query, null); - checkValid(); + this(user, password, host, port, path, query, null); } @@ -240,14 +226,17 @@ throws URIException { this(null, host, -1, path, query, fragment); - checkValid(); } /** * Construct a HTTPS URL from given components. * - * @param userinfo the userinfo string + * Note: The <code>userinfo</code> format is normally + * <code><username>:<password></code> where + * username and password must both be URL escaped. + * + * @param userinfo the userinfo string whose parts are URL escaped * @param host the host string * @param path the path string * @param query the query string @@ -259,14 +248,17 @@ String fragment) throws URIException { this(userinfo, host, -1, path, query, fragment); - checkValid(); } /** * Construct a HTTPS URL from given components. * - * @param userinfo the userinfo string + * Note: The <code>userinfo</code> format is normally + * <code><username>:<password></code> where + * username and password must both be URL escaped. + * + * @param userinfo the userinfo string whose parts are URL escaped * @param host the host string * @param port the port number * @param path the path string @@ -277,14 +269,17 @@ throws URIException { this(userinfo, host, port, path, null, null); - checkValid(); } /** * Construct a HTTPS URL from given components. * - * @param userinfo the userinfo string + * Note: The <code>userinfo</code> format is normally + * <code><username>:<password></code> where + * username and password must both be URL escaped. + * + * @param userinfo the userinfo string whose parts are URL escaped * @param host the host string * @param port the port number * @param path the path string @@ -296,14 +291,17 @@ String query) throws URIException { this(userinfo, host, port, path, query, null); - checkValid(); } /** * Construct a HTTPS URL from given components. * - * @param userinfo the userinfo string + * Note: The <code>userinfo</code> format is normally + * <code><username>:<password></code> where + * username and password must both be URL escaped. + * + * @param userinfo the userinfo string whose parts are URL escaped * @param host the host string * @param port the port number * @param path the path string @@ -322,7 +320,7 @@ buff.append(_default_scheme); buff.append("://"); if (userinfo != null) { - buff.append(URIUtil.encode(userinfo, URI.allowed_userinfo)); + buff.append(userinfo); buff.append('@'); } if (host != null) { @@ -352,6 +350,23 @@ checkValid(); } + /** + * Construct a HTTP URL from given components. + * + * @param user the user name + * @param password his or her password + * @param host the host string + * @param port the port number + * @param path the path string + * @param query the query string + * @param fragment the fragment string + * @throws URIException If [EMAIL PROTECTED] #checkValid()} fails + * @see #getDefaultProtocolCharset + */ + public HttpsURL(String user, String password, String host, int port, + String path, String query, String fragment) throws URIException { + this(HttpURL.toUserinfo(user, password), host, port, path, query, fragment); + } /** * Construct a HTTPS URL with a given relative HTTPS URL string. 1.12.2.5 +60 -33 jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpURL.java Index: HttpURL.java =================================================================== RCS file: /home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpURL.java,v retrieving revision 1.12.2.4 retrieving revision 1.12.2.5 diff -u -r1.12.2.4 -r1.12.2.5 --- HttpURL.java 2 May 2004 15:15:34 -0000 1.12.2.4 +++ HttpURL.java 30 Sep 2004 17:26:27 -0000 1.12.2.5 @@ -119,8 +119,7 @@ * @see #getDefaultProtocolCharset */ public HttpURL(String host, int port, String path) throws URIException { - this(null, host, port, path, null, null); - checkValid(); + this(null, null, host, port, path, null, null); } @@ -137,8 +136,7 @@ public HttpURL(String host, int port, String path, String query) throws URIException { - this(null, host, port, path, query, null); - checkValid(); + this(null, null, host, port, path, query, null); } @@ -154,10 +152,7 @@ public HttpURL(String user, String password, String host) throws URIException { - this((user == null) ? null : user - + ((password == null) ? "" : ':' + password), - host, -1, null, null, null); - checkValid(); + this(user, password, host, -1, null, null, null); } @@ -174,10 +169,7 @@ public HttpURL(String user, String password, String host, int port) throws URIException { - this((user == null) ? null : user - + ((password == null) ? "" : ':' + password), - host, port, null, null, null); - checkValid(); + this(user, password, host, port, null, null, null); } @@ -195,10 +187,7 @@ public HttpURL(String user, String password, String host, int port, String path) throws URIException { - this((user == null) ? null : user - + ((password == null) ? "" : ':' + password), - host, port, path, null, null); - checkValid(); + this(user, password, host, port, path, null, null); } @@ -217,10 +206,7 @@ public HttpURL(String user, String password, String host, int port, String path, String query) throws URIException { - this((user == null) ? null : user - + ((password == null) ? "" : ':' + password), - host, port, path, query, null); - checkValid(); + this(user, password, host, port, path, query, null); } @@ -237,15 +223,18 @@ public HttpURL(String host, String path, String query, String fragment) throws URIException { - this(null, host, -1, path, query, fragment); - checkValid(); + this(null, null, host, -1, path, query, fragment); } /** * Construct a HTTP URL from given components. + * + * Note: The <code>userinfo</code> format is normally + * <code><username>:<password></code> where + * username and password must both be URL escaped. * - * @param userinfo the userinfo string + * @param userinfo the userinfo string whose parts are URL escaped * @param host the host string * @param path the path string * @param query the query string @@ -257,14 +246,17 @@ String fragment) throws URIException { this(userinfo, host, -1, path, query, fragment); - checkValid(); } /** * Construct a HTTP URL from given components. * - * @param userinfo the userinfo string + * Note: The <code>userinfo</code> format is normally + * <code><username>:<password></code> where + * username and password must both be URL escaped. + * + * @param userinfo the userinfo string whose parts are URL escaped * @param host the host string * @param port the port number * @param path the path string @@ -275,14 +267,17 @@ throws URIException { this(userinfo, host, port, path, null, null); - checkValid(); } /** * Construct a HTTP URL from given components. * - * @param userinfo the userinfo string + * Note: The <code>userinfo</code> format is normally + * <code><username>:<password></code> where + * username and password must both be URL escaped. + * + * @param userinfo the userinfo string whose parts are URL escaped * @param host the host string * @param port the port number * @param path the path string @@ -294,14 +289,17 @@ String query) throws URIException { this(userinfo, host, port, path, query, null); - checkValid(); } /** * Construct a HTTP URL from given components. * - * @param userinfo the userinfo string + * Note: The <code>userinfo</code> format is normally + * <code><username>:<password></code> where + * username and password must both be URL escaped. + * + * @param userinfo the userinfo string whose parts are URL escaped * @param host the host string * @param port the port number * @param path the path string @@ -320,7 +318,7 @@ buff.append(_default_scheme); buff.append("://"); if (userinfo != null) { - buff.append(URIUtil.encode(userinfo, URI.allowed_userinfo)); + buff.append(userinfo); buff.append('@'); } if (host != null) { @@ -348,6 +346,35 @@ } parseUriReference(buff.toString(), true); checkValid(); + } + + + /** + * Construct a HTTP URL from given components. + * + * @param user the user name + * @param password his or her password + * @param host the host string + * @param port the port number + * @param path the path string + * @param query the query string + * @param fragment the fragment string + * @throws URIException If [EMAIL PROTECTED] #checkValid()} fails + * @see #getDefaultProtocolCharset + */ + public HttpURL(String user, String password, String host, int port, + String path, String query, String fragment) throws URIException { + this(toUserinfo(user, password), host, port, path, query, fragment); + } + + protected static String toUserinfo(String user, String password) throws URIException { + if (user == null) return null; + StringBuffer usrinfo = new StringBuffer(20); //sufficient for real world + usrinfo.append(URIUtil.encode(user, URI.allowed_within_userinfo)); + if (password == null) return usrinfo.toString(); + usrinfo.append(':'); + usrinfo.append(URIUtil.encode(password, URI.allowed_within_userinfo)); + return usrinfo.toString(); }
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]