oglueck 2004/09/30 10:26:41
Modified: httpclient/src/java/org/apache/commons/httpclient
HttpsURL.java HttpURL.java
httpclient/src/test/org/apache/commons/httpclient
TestURI.java
Log:
Fixed escaping problem in userinfo:
* Added test cases.
* Changed the contract of all HttpURL and HttpsURL constructors accepting a
userinfo field to expect the userinfo in URL escaped form.
* Removed some code duplication.
PR: 28728
Reviewed by: Michael Becke
Revision Changes Path
1.11 +45 -30
jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpsURL.java
Index: HttpsURL.java
===================================================================
RCS file:
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpsURL.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- HttpsURL.java 14 May 2004 09:47:34 -0000 1.10
+++ HttpsURL.java 30 Sep 2004 17:26:41 -0000 1.11
@@ -120,7 +120,6 @@
*/
public HttpsURL(String host, int port, String path) throws URIException {
this(null, host, port, path, null, null);
- checkValid();
}
@@ -138,7 +137,6 @@
throws URIException {
this(null, host, port, path, query, null);
- checkValid();
}
@@ -154,10 +152,7 @@
public HttpsURL(String user, String password, String host)
throws URIException {
- this((user == null) ? null : user
- + ((password == null) ? "" : ':' + password),
- host, -1, null, null, null);
- checkValid();
+ this(user, password, host, -1, null, null, null);
}
@@ -174,10 +169,7 @@
public HttpsURL(String user, String password, String host, int port)
throws URIException {
- this((user == null) ? null : user
- + ((password == null) ? "" : ':' + password),
- host, port, null, null, null);
- checkValid();
+ this(user, password, host, port, null, null, null);
}
@@ -195,10 +187,7 @@
public HttpsURL(String user, String password, String host, int port,
String path) throws URIException {
- this((user == null) ? null : user
- + ((password == null) ? "" : ':' + password),
- host, port, path, null, null);
- checkValid();
+ this(user, password, host, port, path, null, null);
}
@@ -217,10 +206,7 @@
public HttpsURL(String user, String password, String host, int port,
String path, String query) throws URIException {
- this((user == null) ? null : user
- + ((password == null) ? "" : ':' + password),
- host, port, path, query, null);
- checkValid();
+ this(user, password, host, port, path, query, null);
}
@@ -238,14 +224,17 @@
throws URIException {
this(null, host, -1, path, query, fragment);
- checkValid();
}
/**
* Construct a HTTPS URL from given components.
*
- * @param userinfo the userinfo string
+ * Note: The <code>userinfo</code> format is normally
+ * <code><username>:<password></code> where
+ * username and password must both be URL escaped.
+ *
+ * @param userinfo the userinfo string whose parts are URL escaped
* @param host the host string
* @param path the path string
* @param query the query string
@@ -257,14 +246,17 @@
String fragment) throws URIException {
this(userinfo, host, -1, path, query, fragment);
- checkValid();
}
/**
* Construct a HTTPS URL from given components.
*
- * @param userinfo the userinfo string
+ * Note: The <code>userinfo</code> format is normally
+ * <code><username>:<password></code> where
+ * username and password must both be URL escaped.
+ *
+ * @param userinfo the userinfo string whose parts are URL escaped
* @param host the host string
* @param port the port number
* @param path the path string
@@ -275,14 +267,17 @@
throws URIException {
this(userinfo, host, port, path, null, null);
- checkValid();
}
/**
* Construct a HTTPS URL from given components.
*
- * @param userinfo the userinfo string
+ * Note: The <code>userinfo</code> format is normally
+ * <code><username>:<password></code> where
+ * username and password must both be URL escaped.
+ *
+ * @param userinfo the userinfo string whose parts are URL escaped
* @param host the host string
* @param port the port number
* @param path the path string
@@ -294,14 +289,17 @@
String query) throws URIException {
this(userinfo, host, port, path, query, null);
- checkValid();
}
/**
* Construct a HTTPS URL from given components.
*
- * @param userinfo the userinfo string
+ * Note: The <code>userinfo</code> format is normally
+ * <code><username>:<password></code> where
+ * username and password must both be URL escaped.
+ *
+ * @param userinfo the userinfo string whose parts are URL escaped
* @param host the host string
* @param port the port number
* @param path the path string
@@ -320,7 +318,7 @@
buff.append(_default_scheme);
buff.append("://");
if (userinfo != null) {
- buff.append(URIUtil.encode(userinfo, URI.allowed_userinfo));
+ buff.append(userinfo);
buff.append('@');
}
if (host != null) {
@@ -350,6 +348,23 @@
checkValid();
}
+ /**
+ * Construct a HTTP URL from given components.
+ *
+ * @param user the user name
+ * @param password his or her password
+ * @param host the host string
+ * @param port the port number
+ * @param path the path string
+ * @param query the query string
+ * @param fragment the fragment string
+ * @throws URIException If [EMAIL PROTECTED] #checkValid()} fails
+ * @see #getDefaultProtocolCharset
+ */
+ public HttpsURL(String user, String password, String host, int port,
+ String path, String query, String fragment) throws URIException {
+ this(HttpURL.toUserinfo(user, password), host, port, path, query, fragment);
+ }
/**
* Construct a HTTPS URL with a given relative HTTPS URL string.
1.18 +60 -33
jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpURL.java
Index: HttpURL.java
===================================================================
RCS file:
/home/cvs/jakarta-commons/httpclient/src/java/org/apache/commons/httpclient/HttpURL.java,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- HttpURL.java 2 May 2004 15:19:15 -0000 1.17
+++ HttpURL.java 30 Sep 2004 17:26:41 -0000 1.18
@@ -117,8 +117,7 @@
* @see #getDefaultProtocolCharset
*/
public HttpURL(String host, int port, String path) throws URIException {
- this(null, host, port, path, null, null);
- checkValid();
+ this(null, null, host, port, path, null, null);
}
@@ -135,8 +134,7 @@
public HttpURL(String host, int port, String path, String query)
throws URIException {
- this(null, host, port, path, query, null);
- checkValid();
+ this(null, null, host, port, path, query, null);
}
@@ -152,10 +150,7 @@
public HttpURL(String user, String password, String host)
throws URIException {
- this((user == null) ? null : user
- + ((password == null) ? "" : ':' + password),
- host, -1, null, null, null);
- checkValid();
+ this(user, password, host, -1, null, null, null);
}
@@ -172,10 +167,7 @@
public HttpURL(String user, String password, String host, int port)
throws URIException {
- this((user == null) ? null : user
- + ((password == null) ? "" : ':' + password),
- host, port, null, null, null);
- checkValid();
+ this(user, password, host, port, null, null, null);
}
@@ -193,10 +185,7 @@
public HttpURL(String user, String password, String host, int port,
String path) throws URIException {
- this((user == null) ? null : user
- + ((password == null) ? "" : ':' + password),
- host, port, path, null, null);
- checkValid();
+ this(user, password, host, port, path, null, null);
}
@@ -215,10 +204,7 @@
public HttpURL(String user, String password, String host, int port,
String path, String query) throws URIException {
- this((user == null) ? null : user
- + ((password == null) ? "" : ':' + password),
- host, port, path, query, null);
- checkValid();
+ this(user, password, host, port, path, query, null);
}
@@ -235,15 +221,18 @@
public HttpURL(String host, String path, String query, String fragment)
throws URIException {
- this(null, host, -1, path, query, fragment);
- checkValid();
+ this(null, null, host, -1, path, query, fragment);
}
/**
* Construct a HTTP URL from given components.
+ *
+ * Note: The <code>userinfo</code> format is normally
+ * <code><username>:<password></code> where
+ * username and password must both be URL escaped.
*
- * @param userinfo the userinfo string
+ * @param userinfo the userinfo string whose parts are URL escaped
* @param host the host string
* @param path the path string
* @param query the query string
@@ -255,14 +244,17 @@
String fragment) throws URIException {
this(userinfo, host, -1, path, query, fragment);
- checkValid();
}
/**
* Construct a HTTP URL from given components.
*
- * @param userinfo the userinfo string
+ * Note: The <code>userinfo</code> format is normally
+ * <code><username>:<password></code> where
+ * username and password must both be URL escaped.
+ *
+ * @param userinfo the userinfo string whose parts are URL escaped
* @param host the host string
* @param port the port number
* @param path the path string
@@ -273,14 +265,17 @@
throws URIException {
this(userinfo, host, port, path, null, null);
- checkValid();
}
/**
* Construct a HTTP URL from given components.
*
- * @param userinfo the userinfo string
+ * Note: The <code>userinfo</code> format is normally
+ * <code><username>:<password></code> where
+ * username and password must both be URL escaped.
+ *
+ * @param userinfo the userinfo string whose parts are URL escaped
* @param host the host string
* @param port the port number
* @param path the path string
@@ -292,14 +287,17 @@
String query) throws URIException {
this(userinfo, host, port, path, query, null);
- checkValid();
}
/**
* Construct a HTTP URL from given components.
*
- * @param userinfo the userinfo string
+ * Note: The <code>userinfo</code> format is normally
+ * <code><username>:<password></code> where
+ * username and password must both be URL escaped.
+ *
+ * @param userinfo the userinfo string whose parts are URL escaped
* @param host the host string
* @param port the port number
* @param path the path string
@@ -318,7 +316,7 @@
buff.append(_default_scheme);
buff.append("://");
if (userinfo != null) {
- buff.append(URIUtil.encode(userinfo, URI.allowed_userinfo));
+ buff.append(userinfo);
buff.append('@');
}
if (host != null) {
@@ -346,6 +344,35 @@
}
parseUriReference(buff.toString(), true);
checkValid();
+ }
+
+
+ /**
+ * Construct a HTTP URL from given components.
+ *
+ * @param user the user name
+ * @param password his or her password
+ * @param host the host string
+ * @param port the port number
+ * @param path the path string
+ * @param query the query string
+ * @param fragment the fragment string
+ * @throws URIException If [EMAIL PROTECTED] #checkValid()} fails
+ * @see #getDefaultProtocolCharset
+ */
+ public HttpURL(String user, String password, String host, int port,
+ String path, String query, String fragment) throws URIException {
+ this(toUserinfo(user, password), host, port, path, query, fragment);
+ }
+
+ protected static String toUserinfo(String user, String password) throws
URIException {
+ if (user == null) return null;
+ StringBuffer usrinfo = new StringBuffer(20); //sufficient for real world
+ usrinfo.append(URIUtil.encode(user, URI.allowed_within_userinfo));
+ if (password == null) return usrinfo.toString();
+ usrinfo.append(':');
+ usrinfo.append(URIUtil.encode(password, URI.allowed_within_userinfo));
+ return usrinfo.toString();
}
1.12 +19 -9
jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestURI.java
Index: TestURI.java
===================================================================
RCS file:
/home/cvs/jakarta-commons/httpclient/src/test/org/apache/commons/httpclient/TestURI.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- TestURI.java 14 May 2004 09:47:34 -0000 1.11
+++ TestURI.java 30 Sep 2004 17:26:41 -0000 1.12
@@ -188,11 +188,16 @@
assertEquals("http://localhost/";, url.toString());
assertEquals("user:[EMAIL PROTECTED]", url.getAuthority());
- url = new HttpURL("user", "pass#", "localhost", 8080, "/");
+ url = new HttpURL("user#@", "pass#@", "localhost", 8080, "/");
assertEquals("http://localhost:8080/";, url.toString());
- assertEquals("user:pass#", url.getUserinfo());
- assertEquals("user:pass%23", url.getEscapedUserinfo());
+ assertEquals("user#@:pass#@", url.getUserinfo());
+ assertEquals("user%23%40:pass%23%40", url.getEscapedUserinfo());
+ url = new HttpURL("user%23%40:pass%23%40", "localhost", 8080, "/");
+ assertEquals("http://localhost:8080/";, url.toString());
+ assertEquals("user#@:pass#@", url.getUserinfo());
+ assertEquals("user%23%40:pass%23%40", url.getEscapedUserinfo());
+
url = new HttpURL("localhost", 8080, "/");
assertEquals("http://localhost:8080/";, url.toString());
url.setRawUserinfo("user".toCharArray(), "password".toCharArray());
@@ -207,10 +212,15 @@
assertEquals("https://localhost/";, url.toString());
assertEquals("user:[EMAIL PROTECTED]", url.getAuthority());
- url = new HttpsURL("user", "pass#", "localhost", 8080, "/");
+ url = new HttpsURL("user#@", "pass#@", "localhost", 8080, "/");
+ assertEquals("https://localhost:8080/";, url.toString());
+ assertEquals("user#@:pass#@", url.getUserinfo());
+ assertEquals("user%23%40:pass%23%40", url.getEscapedUserinfo());
+
+ url = new HttpsURL("user%23%40:pass%23%40", "localhost", 8080, "/");
assertEquals("https://localhost:8080/";, url.toString());
- assertEquals("user:pass#", url.getUserinfo());
- assertEquals("user:pass%23", url.getEscapedUserinfo());
+ assertEquals("user#@:pass#@", url.getUserinfo());
+ assertEquals("user%23%40:pass%23%40", url.getEscapedUserinfo());
url = new HttpsURL("localhost", 8080, "/");
assertEquals("https://localhost:8080/";, url.toString());
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
