You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2023/02/15 15:01:19 UTC
[tomcat] branch 10.1.x updated (9ff1b547cf -> 63839291b4)
This is an automated email from the ASF dual-hosted git repository.
markt pushed a change to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
from 9ff1b547cf Fix bug BZ 66460 - add shared address space RFC 6598 to internal proxies
new bea5f13570 Code cleanup (format) - no functional change
new 63839291b4 Code cleanup (format) - no functional change
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../catalina/filters/TestAddCharSetFilter.java | 6 +-
.../apache/catalina/filters/TestCorsFilter.java | 978 ++++++++-------------
.../catalina/filters/TestCsrfPreventionFilter.java | 23 +-
.../filters/TestCsrfPreventionFilter2.java | 4 +-
.../apache/catalina/filters/TestExpiresFilter.java | 188 ++--
.../catalina/filters/TestRemoteIpFilter.java | 46 +-
.../filters/TestRestCsrfPreventionFilter.java | 50 +-
.../filters/TestRestCsrfPreventionFilter2.java | 89 +-
.../apache/catalina/filters/TesterFilterChain.java | 3 +-
.../catalina/filters/TesterFilterConfigs.java | 224 ++---
.../catalina/filters/TesterHttpServletRequest.java | 16 +-
.../filters/TesterHttpServletResponse.java | 229 +++--
test/org/apache/catalina/valves/Benchmarks.java | 78 +-
.../apache/catalina/valves/TestAccessLogValve.java | 11 +-
.../valves/TestCrawlerSessionManagerValve.java | 13 +-
.../catalina/valves/TestErrorReportValve.java | 31 +-
.../valves/TestLoadBalancerDrainingValve.java | 79 +-
.../apache/catalina/valves/TestRemoteIpValve.java | 99 ++-
.../catalina/valves/TestRequestFilterValve.java | 340 ++++---
.../valves/TestStuckThreadDetectionValve.java | 21 +-
.../catalina/valves/TesterAccessLogValve.java | 9 +-
21 files changed, 1121 insertions(+), 1416 deletions(-)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[tomcat] 01/02: Code cleanup (format) - no functional change
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit bea5f13570640c69631dbafada6047479c174a1f
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Feb 15 15:00:57 2023 +0000
Code cleanup (format) - no functional change
---
.../catalina/filters/TestAddCharSetFilter.java | 6 +-
.../apache/catalina/filters/TestCorsFilter.java | 978 ++++++++-------------
.../catalina/filters/TestCsrfPreventionFilter.java | 23 +-
.../filters/TestCsrfPreventionFilter2.java | 4 +-
.../apache/catalina/filters/TestExpiresFilter.java | 188 ++--
.../catalina/filters/TestRemoteIpFilter.java | 46 +-
.../filters/TestRestCsrfPreventionFilter.java | 50 +-
.../filters/TestRestCsrfPreventionFilter2.java | 89 +-
.../apache/catalina/filters/TesterFilterChain.java | 3 +-
.../catalina/filters/TesterFilterConfigs.java | 224 ++---
.../catalina/filters/TesterHttpServletRequest.java | 16 +-
.../filters/TesterHttpServletResponse.java | 229 +++--
12 files changed, 795 insertions(+), 1061 deletions(-)
diff --git a/test/org/apache/catalina/filters/TestAddCharSetFilter.java b/test/org/apache/catalina/filters/TestAddCharSetFilter.java
index 7b069269cb..cb8788658f 100644
--- a/test/org/apache/catalina/filters/TestAddCharSetFilter.java
+++ b/test/org/apache/catalina/filters/TestAddCharSetFilter.java
@@ -88,8 +88,7 @@ public class TestAddCharSetFilter extends TomcatBaseTest {
doTest(encoding, expected, 1, false);
}
- private void doTest(String encoding, String expected, int mode, boolean useSetContentType)
- throws Exception {
+ private void doTest(String encoding, String expected, int mode, boolean useSetContentType) throws Exception {
// Setup Tomcat instance
Tomcat tomcat = getTomcatInstance();
@@ -136,8 +135,7 @@ public class TestAddCharSetFilter extends TomcatBaseTest {
}
@Override
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String value;
switch (mode) {
diff --git a/test/org/apache/catalina/filters/TestCorsFilter.java b/test/org/apache/catalina/filters/TestCorsFilter.java
index 73d1c98627..c5f68b1b81 100644
--- a/test/org/apache/catalina/filters/TestCorsFilter.java
+++ b/test/org/apache/catalina/filters/TestCorsFilter.java
@@ -41,14 +41,15 @@ public class TestCorsFilter {
* Tests if a GET request is treated as simple request.
*
* @See http://www.w3.org/TR/cors/#simple-method
+ *
* @throws IOException
+ *
* @throws ServletException
*/
@Test
public void testDoFilterSimpleGET() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setMethod("GET");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -56,30 +57,28 @@ public class TestCorsFilter {
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
}
/*
* Tests if a POST request is treated as simple request.
*
* @See http://www.w3.org/TR/cors/#simple-method
+ *
* @throws IOException
+ *
* @throws ServletException
*/
@Test
public void testDoFilterSimplePOST() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setContentType("text/plain");
request.setMethod("POST");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -88,30 +87,28 @@ public class TestCorsFilter {
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
}
/*
* Tests if a HEAD request is treated as simple request.
*
* @See http://www.w3.org/TR/cors/#simple-method
+ *
* @throws IOException
+ *
* @throws ServletException
*/
@Test
public void testDoFilterSimpleHEAD() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setMethod("HEAD");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -119,30 +116,26 @@ public class TestCorsFilter {
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
}
/*
* Test the presence of specific origin in response, when '*' is not used.
*
* @throws IOException
+ *
* @throws ServletException
*/
@Test
- public void testDoFilterSimpleSpecificHeader() throws IOException,
- ServletException {
+ public void testDoFilterSimpleSpecificHeader() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setMethod("POST");
request.setContentType("text/plain");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -151,325 +144,251 @@ public class TestCorsFilter {
corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
}
/*
- * Tests the that supports credentials may not be enabled with any origin,
- * '*'.
+ * Tests the that supports credentials may not be enabled with any origin, '*'.
*
* @throws ServletException
*/
- @Test(expected=ServletException.class)
+ @Test(expected = ServletException.class)
public void testDoFilterSimpleAnyOriginAndSupportsCredentials() throws ServletException {
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getFilterConfigAnyOriginAndSupportsCredentials());
}
/*
- * Tests the presence of the origin (and not '*') in the response, when
- * supports credentials is enabled alongwith any origin, '*'.
+ * Tests the presence of the origin (and not '*') in the response, when supports credentials is enabled alongwith
+ * any origin, '*'.
*
* @throws IOException
+ *
* @throws ServletException
*/
@Test
- public void testDoFilterSimpleAnyOriginAndSupportsCredentialsDisabled()
- throws IOException, ServletException {
+ public void testDoFilterSimpleAnyOriginAndSupportsCredentialsDisabled() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setMethod("GET");
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getFilterConfigAnyOriginAndSupportsCredentialsDisabled());
+ corsFilter.init(TesterFilterConfigs.getFilterConfigAnyOriginAndSupportsCredentialsDisabled());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals(
- TesterFilterConfigs.ANY_ORIGIN));
- Assert.assertNull(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_CREDENTIALS));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN)
+ .equals(TesterFilterConfigs.ANY_ORIGIN));
+ Assert.assertNull(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_CREDENTIALS));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
}
/*
* Tests the presence of exposed headers in response, if configured.
*
* @throws IOException
+ *
* @throws ServletException
*/
@Test
- public void testDoFilterSimpleWithExposedHeaders() throws IOException,
- ServletException {
+ public void testDoFilterSimpleWithExposedHeaders() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setMethod("POST");
request.setContentType("text/plain");
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getFilterConfigWithExposedHeaders());
+ corsFilter.init(TesterFilterConfigs.getFilterConfigWithExposedHeaders());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_EXPOSE_HEADERS)
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_EXPOSE_HEADERS)
.equals(TesterFilterConfigs.EXPOSED_HEADERS));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
}
/*
* Checks if an OPTIONS request is processed as pre-flight.
*
* @throws IOException
+ *
* @throws ServletException
*/
@Test
public void testDoFilterPreflight() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "Content-Type");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "Content-Type");
request.setMethod("OPTIONS");
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSpecificOriginFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals(
- "Content-Type"));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(
+ request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals("Content-Type"));
}
/*
- * Checks if an OPTIONS request is processed as pre-flight where any origin
- * is enabled.
+ * Checks if an OPTIONS request is processed as pre-flight where any origin is enabled.
*
* @throws IOException
+ *
* @throws ServletException
*/
@Test
- public void testDoFilterPreflightAnyOrigin() throws IOException,
- ServletException {
+ public void testDoFilterPreflightAnyOrigin() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "Content-Type");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "Content-Type");
request.setMethod("OPTIONS");
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSpecificOriginFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals(
- "Content-Type"));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(
+ request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals("Content-Type"));
}
/*
* Checks if an OPTIONS request is processed as pre-flight.
*
* @throws IOException
+ *
* @throws ServletException
*/
@Test
- public void testDoFilterPreflightInvalidOrigin() throws IOException,
- ServletException {
+ public void testDoFilterPreflightInvalidOrigin() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://www.example.com");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "Content-Type");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://www.example.com");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "Content-Type");
request.setMethod("OPTIONS");
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSpecificOriginFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(response.getStatus(),
- HttpServletResponse.SC_FORBIDDEN);
+ Assert.assertEquals(response.getStatus(), HttpServletResponse.SC_FORBIDDEN);
}
@Test
- public void testDoFilterPreflightNegativeMaxAge() throws IOException,
- ServletException {
+ public void testDoFilterPreflightNegativeMaxAge() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "Content-Type");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "Content-Type");
request.setMethod("OPTIONS");
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSpecificOriginFilterConfigNegativeMaxAge());
+ corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfigNegativeMaxAge());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertNull(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_MAX_AGE));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals(
- "Content-Type"));
- }
-
- @Test
- public void testDoFilterPreflightWithCredentials() throws IOException,
- ServletException {
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertNull(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_MAX_AGE));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(
+ request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals("Content-Type"));
+ }
+
+ @Test
+ public void testDoFilterPreflightWithCredentials() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "Content-Type");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "Content-Type");
request.setMethod("OPTIONS");
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSecureFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getSecureFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_CREDENTIALS)
- .equals("true"));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals(
- "Content-Type"));
- }
-
- @Test
- public void testDoFilterPreflightWithoutCredentialsAndSpecificOrigin()
- throws IOException,
- ServletException {
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(
+ response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_CREDENTIALS).equals("true"));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(
+ request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals("Content-Type"));
+ }
+
+ @Test
+ public void testDoFilterPreflightWithoutCredentialsAndSpecificOrigin() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "Content-Type");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "Content-Type");
request.setMethod("OPTIONS");
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getFilterConfigSpecificOriginAndSupportsCredentialsDisabled());
+ corsFilter.init(TesterFilterConfigs.getFilterConfigSpecificOriginAndSupportsCredentialsDisabled());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertNull(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_CREDENTIALS));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals(
- "Content-Type"));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertNull(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_CREDENTIALS));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.PRE_FLIGHT.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertTrue(
+ request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS).equals("Content-Type"));
}
/*
@@ -485,14 +404,13 @@ public class TestCorsFilter {
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.NOT_CORS, requestType);
corsFilter.doFilter(request, response, filterChain);
- Assert.assertFalse(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertFalse(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
}
/*
@@ -500,48 +418,41 @@ public class TestCorsFilter {
*/
@Test
public void testDoFilterSameHostWithOrigin01() throws IOException, ServletException {
- doTestDoFilterSameHostWithOrigin01(
- "http://localhost:8080", "http", "localhost", 8080, false);
+ doTestDoFilterSameHostWithOrigin01("http://localhost:8080", "http", "localhost", 8080, false);
}
@Test
public void testDoFilterSameHostWithOrigin02() throws IOException, ServletException {
- doTestDoFilterSameHostWithOrigin01(
- "http://localhost:8080", "https", "localhost", 8080, true);
+ doTestDoFilterSameHostWithOrigin01("http://localhost:8080", "https", "localhost", 8080, true);
}
@Test
public void testDoFilterSameHostWithOrigin03() throws IOException, ServletException {
- doTestDoFilterSameHostWithOrigin01(
- "http://localhost:8080", "http", "localhost", 8081, true);
+ doTestDoFilterSameHostWithOrigin01("http://localhost:8080", "http", "localhost", 8081, true);
}
@Test
public void testDoFilterSameHostWithOrigin04() throws IOException, ServletException {
- doTestDoFilterSameHostWithOrigin01(
- "http://localhost:8080", "http", "foo.dev.local", 8080, true);
+ doTestDoFilterSameHostWithOrigin01("http://localhost:8080", "http", "foo.dev.local", 8080, true);
}
@Test
public void testDoFilterSameHostWithOrigin05() throws IOException, ServletException {
- doTestDoFilterSameHostWithOrigin01(
- "https://localhost:8443", "https", "localhost", 8443, false);
+ doTestDoFilterSameHostWithOrigin01("https://localhost:8443", "https", "localhost", 8443, false);
}
@Test
public void testDoFilterSameHostWithOrigin06() throws IOException, ServletException {
- doTestDoFilterSameHostWithOrigin01(
- "https://localhost", "https", "localhost", 443, false);
+ doTestDoFilterSameHostWithOrigin01("https://localhost", "https", "localhost", 443, false);
}
@Test
public void testDoFilterSameHostWithOrigin07() throws IOException, ServletException {
- doTestDoFilterSameHostWithOrigin01(
- "http://localhost", "http", "localhost", 80, false);
+ doTestDoFilterSameHostWithOrigin01("http://localhost", "http", "localhost", 80, false);
}
- private void doTestDoFilterSameHostWithOrigin01(String origin, String scheme, String host,
- int port, boolean isCors) throws IOException, ServletException {
+ private void doTestDoFilterSameHostWithOrigin01(String origin, String scheme, String host, int port, boolean isCors)
+ throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
@@ -555,8 +466,7 @@ public class TestCorsFilter {
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
if (isCors) {
Assert.assertNotEquals(CorsFilter.CORSRequestType.NOT_CORS, requestType);
} else {
@@ -566,20 +476,18 @@ public class TestCorsFilter {
corsFilter.doFilter(request, response, filterChain);
if (isCors) {
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
} else {
- Assert.assertFalse(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertFalse(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
}
}
@Test
- public void testDoFilterInvalidCORSOriginNotAllowed() throws IOException,
- ServletException {
+ public void testDoFilterInvalidCORSOriginNotAllowed() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "www.google.com");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "www.google.com");
request.setMethod("POST");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -587,16 +495,14 @@ public class TestCorsFilter {
corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
* A CORS request arrives with a "null" origin which is allowed by default.
*/
@Test
- public void testDoFilterNullOriginAllowedByDefault() throws IOException,
- ServletException {
+ public void testDoFilterNullOriginAllowedByDefault() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
request.setMethod("POST");
@@ -606,23 +512,20 @@ public class TestCorsFilter {
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.SIMPLE, requestType);
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
}
/*
- * A CORS request arrives with a "null" origin which is explicitly allowed
- * by configuration.
+ * A CORS request arrives with a "null" origin which is explicitly allowed by configuration.
*/
@Test
- public void testDoFilterNullOriginAllowedByConfiguration() throws
- IOException, ServletException {
+ public void testDoFilterNullOriginAllowedByConfiguration() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
request.setMethod("POST");
@@ -631,29 +534,25 @@ public class TestCorsFilter {
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(
- TesterFilterConfigs.getFilterConfigSpecificOriginNullAllowed());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ corsFilter.init(TesterFilterConfigs.getFilterConfigSpecificOriginNullAllowed());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.SIMPLE, requestType);
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
}
@Test(expected = ServletException.class)
- public void testDoFilterNullRequestNullResponse() throws IOException,
- ServletException {
+ public void testDoFilterNullRequestNullResponse() throws IOException, ServletException {
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
corsFilter.doFilter(null, null, filterChain);
}
@Test(expected = ServletException.class)
- public void testDoFilterNullRequestResponse() throws IOException,
- ServletException {
+ public void testDoFilterNullRequestResponse() throws IOException, ServletException {
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
@@ -661,8 +560,7 @@ public class TestCorsFilter {
}
@Test(expected = ServletException.class)
- public void testDoFilterRequestNullResponse() throws IOException,
- ServletException {
+ public void testDoFilterRequestNullResponse() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
@@ -670,11 +568,9 @@ public class TestCorsFilter {
}
@Test
- public void testInitDefaultFilterConfig() throws IOException,
- ServletException {
+ public void testInitDefaultFilterConfig() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setMethod("GET");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -684,14 +580,17 @@ public class TestCorsFilter {
public ServletContext getServletContext() {
return null;
}
+
@Override
public Enumeration<String> getInitParameterNames() {
return null;
}
+
@Override
public String getInitParameter(String name) {
return null;
}
+
@Override
public String getFilterName() {
return null;
@@ -699,16 +598,13 @@ public class TestCorsFilter {
});
corsFilter.doFilter(request, response, filterChain);
- Assert.assertNull(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN));
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN).equals(
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
- Assert.assertTrue(request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE).equals(
- CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
+ Assert.assertNull(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN));
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN)
+ .equals(TesterFilterConfigs.HTTPS_WWW_APACHE_ORG));
+ Assert.assertTrue(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE)
+ .equals(CorsFilter.CORSRequestType.SIMPLE.name().toLowerCase(Locale.ENGLISH)));
}
@Test(expected = ServletException.class)
@@ -723,24 +619,20 @@ public class TestCorsFilter {
* Tests if a non-simple request is given to simple request handler.
*
* @throws IOException
+ *
* @throws ServletException
*/
@Test(expected = IllegalArgumentException.class)
public void testNotSimple() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "Content-Type");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "Content-Type");
request.setMethod("OPTIONS");
TesterHttpServletResponse response = new TesterHttpServletResponse();
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
corsFilter.handleSimpleCORS(request, response, filterChain);
}
@@ -748,13 +640,13 @@ public class TestCorsFilter {
* When a non-preflight request is given to a pre-flight request handler.
*
* @throws IOException
+ *
* @throws ServletException
*/
@Test(expected = IllegalArgumentException.class)
public void testNotPreflight() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setMethod("GET");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -770,8 +662,7 @@ public class TestCorsFilter {
@Test(expected = IllegalArgumentException.class)
public void testDecorateCORSPropertiesNullRequestValidCORSRequestType() {
- CorsFilter.decorateCORSProperties(null,
- CorsFilter.CORSRequestType.SIMPLE);
+ CorsFilter.decorateCORSProperties(null, CorsFilter.CORSRequestType.SIMPLE);
}
@Test(expected = IllegalArgumentException.class)
@@ -783,33 +674,26 @@ public class TestCorsFilter {
@Test
public void testDecorateCORSPropertiesCORSRequestTypeNotCORS() {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- CorsFilter.decorateCORSProperties(request,
- CorsFilter.CORSRequestType.NOT_CORS);
- Assert.assertFalse(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ CorsFilter.decorateCORSProperties(request, CorsFilter.CORSRequestType.NOT_CORS);
+ Assert.assertFalse(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
}
@Test
public void testDecorateCORSPropertiesCORSRequestTypeInvalidCORS() {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- CorsFilter
- .decorateCORSProperties(request,
- CorsFilter.CORSRequestType.INVALID_CORS);
- Assert.assertNull(request
- .getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST));
+ CorsFilter.decorateCORSProperties(request, CorsFilter.CORSRequestType.INVALID_CORS);
+ Assert.assertNull(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST));
}
@Test
public void testCheckSimpleRequestTypeAnyOrigin() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://www.w3.org");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://www.w3.org");
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.SIMPLE, requestType);
}
@@ -821,14 +705,11 @@ public class TestCorsFilter {
@Test
public void testCheckSimpleRequestType() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.SIMPLE, requestType);
}
@@ -840,14 +721,11 @@ public class TestCorsFilter {
@Test
public void testCheckActualRequestType() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
request.setMethod("PUT");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.ACTUAL, requestType);
}
@@ -857,18 +735,14 @@ public class TestCorsFilter {
* @throws ServletException
*/
@Test
- public void testCheckActualRequestTypeMethodPOSTNotSimpleHeaders()
- throws ServletException {
+ public void testCheckActualRequestTypeMethodPOSTNotSimpleHeaders() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
request.setMethod("POST");
request.setContentType("application/json");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.ACTUAL, requestType);
}
@@ -880,63 +754,44 @@ public class TestCorsFilter {
@Test
public void testCheckPreFlightRequestType() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD,
- "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "Content-Type");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "Content-Type");
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.PRE_FLIGHT, requestType);
}
/*
- * when a valid CORS Pre-flight request arrives, with no
- * Access-Control-Request-Method
+ * when a valid CORS Pre-flight request arrives, with no Access-Control-Request-Method
*/
@Test
public void testCheckPreFlightRequestTypeNoACRM() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.ACTUAL, requestType);
}
/*
- * when a valid CORS Pre-flight request arrives, with empty
- * Access-Control-Request-Method
+ * when a valid CORS Pre-flight request arrives, with empty Access-Control-Request-Method
*/
@Test
- public void testCheckPreFlightRequestTypeEmptyACRM()
- throws ServletException {
+ public void testCheckPreFlightRequestTypeEmptyACRM() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD,
- "");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "");
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
- Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS,
- requestType);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
+ Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS, requestType);
}
/*
@@ -945,20 +800,14 @@ public class TestCorsFilter {
* @throws ServletException
*/
@Test
- public void testCheckPreFlightRequestTypeNoHeaders()
- throws ServletException {
+ public void testCheckPreFlightRequestTypeNoHeaders() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD,
- "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.PRE_FLIGHT, requestType);
}
@@ -966,128 +815,96 @@ public class TestCorsFilter {
* Section 6.2.3
*
* @throws ServletException
+ *
* @throws IOException
*/
@Test
- public void testCheckPreFlightRequestTypeInvalidRequestMethod()
- throws ServletException, IOException {
+ public void testCheckPreFlightRequestTypeInvalidRequestMethod() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD,
- "POLITE");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "POLITE");
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
* Section Section 6.2.5
*
* @throws ServletException
+ *
* @throws IOException
*/
@Test
- public void testCheckPreFlightRequestTypeUnsupportedRequestMethod()
- throws ServletException, IOException {
+ public void testCheckPreFlightRequestTypeUnsupportedRequestMethod() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD,
- "TRACE");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "TRACE");
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
* Section Section 6.2.6
*
* @throws ServletException
+ *
* @throws IOException
*/
@Test
- public void testCheckPreFlightRequestTypeUnsupportedRequestHeaders()
- throws ServletException, IOException {
+ public void testCheckPreFlightRequestTypeUnsupportedRequestHeaders() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD,
- "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "X-ANSWER");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "X-ANSWER");
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSecureFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getSecureFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
* Section Section 6.2.7
*
* @throws ServletException
+ *
* @throws IOException
*/
@Test
- public void testCheckPreFlightRequestTypeAnyOriginNoWithCredentials()
- throws ServletException, IOException {
+ public void testCheckPreFlightRequestTypeAnyOriginNoWithCredentials() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD,
- "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "Origin");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "Origin");
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getFilterConfigAnyOriginAndSupportsCredentialsDisabled());
+ corsFilter.init(TesterFilterConfigs.getFilterConfigAnyOriginAndSupportsCredentialsDisabled());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals(
- "*"));
- Assert.assertNull(response
- .getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_CREDENTIALS));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
+ Assert.assertNull(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_CREDENTIALS));
}
@Test
- public void testCheckPreFlightRequestTypeOriginNotAllowed()
- throws ServletException, IOException {
+ public void testCheckPreFlightRequestTypeOriginNotAllowed() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "www.ebay.com");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD,
- "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "www.ebay.com");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSecureFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getSecureFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
@@ -1096,23 +913,15 @@ public class TestCorsFilter {
* @throws ServletException
*/
@Test
- public void testCheckPreFlightRequestTypeEmptyHeaders()
- throws ServletException {
+ public void testCheckPreFlightRequestTypeEmptyHeaders() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD,
- "PUT");
- request.setHeader(
- CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS,
- "");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTP_TOMCAT_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_METHOD, "PUT");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ACCESS_CONTROL_REQUEST_HEADERS, "");
request.setMethod("OPTIONS");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.PRE_FLIGHT, requestType);
}
@@ -1122,50 +931,40 @@ public class TestCorsFilter {
* @throws ServletException
*/
@Test
- public void testCheckNotCORSRequestTypeEmptyOrigin()
- throws ServletException {
+ public void testCheckNotCORSRequestTypeEmptyOrigin() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "");
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
- Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS,
- requestType);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
+ Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS, requestType);
}
/*
- * Tests for failure, when a different domain is used, that's not in the
- * allowed list of origins.
+ * Tests for failure, when a different domain is used, that's not in the allowed list of origins.
*
* @throws ServletException
+ *
* @throws IOException
*/
@Test
public void testCheckInvalidOrigin() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "www.example.com");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "www.example.com");
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSpecificOriginFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
- * Tests for failure, when the 'null' origin is used, and it's not in the
- * list of allowed origins.
+ * Tests for failure, when the 'null' origin is used, and it's not in the list of allowed origins.
*/
@Test
- public void testCheckNullOriginNotAllowed() throws ServletException,
- IOException {
+ public void testCheckNullOriginNotAllowed() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "null");
@@ -1173,53 +972,45 @@ public class TestCorsFilter {
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
- * Tests for failure, when a different sub-domain is used, that's not in the
- * allowed list of origins.
+ * Tests for failure, when a different sub-domain is used, that's not in the allowed list of origins.
*
* @throws ServletException
+ *
* @throws IOException
*/
@Test
- public void testCheckInvalidOriginNotAllowedSubdomain()
- throws ServletException, IOException {
+ public void testCheckInvalidOriginNotAllowedSubdomain() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://commons.apache.org");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://commons.apache.org");
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSpecificOriginFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
* PUT is not an allowed request method.
*
* @throws ServletException
+ *
* @throws IOException
*/
@Test
- public void testCheckInvalidRequestMethod() throws ServletException,
- IOException {
+ public void testCheckInvalidRequestMethod() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://tomcat.apache.org");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://tomcat.apache.org");
request.setMethod("PUT");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
@@ -1230,64 +1021,53 @@ public class TestCorsFilter {
@Test
public void testCheckNullRequestMethod() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://tomcat.apache.org");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://tomcat.apache.org");
request.setMethod(null);
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSpecificOriginFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
- Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS,
- requestType);
+ corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
+ Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS, requestType);
}
/*
- * "http://tomcat.apache.org" is an allowed origin and
- * "https://tomcat.apache.org" is not, because scheme doesn't match
+ * "http://tomcat.apache.org" is an allowed origin and "https://tomcat.apache.org" is not, because scheme doesn't
+ * match
*
* @throws ServletException
*/
@Test
public void testCheckForSchemeVariance() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "https://tomcat.apache.org");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "https://tomcat.apache.org");
request.setMethod("POST");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSpecificOriginFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
- Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS,
- requestType);
+ corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
+ Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS, requestType);
}
/*
- * "http://tomcat.apache.org" is an allowed origin and
- * "http://tomcat.apache.org:8080" is not, because ports doesn't match
+ * "http://tomcat.apache.org" is an allowed origin and "http://tomcat.apache.org:8080" is not, because ports doesn't
+ * match
*
* @throws ServletException
+ *
* @throws IOException
*/
@Test
public void testCheckForPortVariance() throws ServletException, IOException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
TesterHttpServletResponse response = new TesterHttpServletResponse();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://tomcat.apache.org:8080");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://tomcat.apache.org:8080");
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getSpecificOriginFilterConfig());
+ corsFilter.init(TesterFilterConfigs.getSpecificOriginFilterConfig());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN,
- response.getStatus());
+ Assert.assertEquals(HttpServletResponse.SC_FORBIDDEN, response.getStatus());
}
/*
- * Tests for failure, when an invalid {@link HttpServletRequest} is
- * encountered.
+ * Tests for failure, when an invalid {@link HttpServletRequest} is encountered.
*/
@Test(expected = IllegalArgumentException.class)
public void testCheckRequestTypeNull() {
@@ -1388,11 +1168,9 @@ public class TestCorsFilter {
}
@Test(expected = ServletException.class)
- public void testWithFilterConfigInvalidPreflightAge()
- throws ServletException {
+ public void testWithFilterConfigInvalidPreflightAge() throws ServletException {
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getFilterConfigInvalidMaxPreflightAge());
+ corsFilter.init(TesterFilterConfigs.getFilterConfigInvalidMaxPreflightAge());
}
@Test
@@ -1447,76 +1225,57 @@ public class TestCorsFilter {
@Test
public void testInValidOriginEncodedCRLF3() {
- Assert.assertFalse(RequestUtil
- .isValidOrigin("http://www.w3.org%0%0d%0ad%0%0d%0aa"));
+ Assert.assertFalse(RequestUtil.isValidOrigin("http://www.w3.org%0%0d%0ad%0%0d%0aa"));
}
@Test
public void testCheckInvalidCRLF1() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://www.w3.org\r\n");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://www.w3.org\r\n");
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
- Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS,
- requestType);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
+ Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS, requestType);
}
@Test
public void testCheckInvalidCRLF2() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://www.w3.org\r\n");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://www.w3.org\r\n");
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
- Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS,
- requestType);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
+ Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS, requestType);
}
@Test
public void testCheckInvalidCRLF3() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://www.w3.org%0d%0a");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://www.w3.org%0d%0a");
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
- Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS,
- requestType);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
+ Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS, requestType);
}
@Test
public void testCheckInvalidCRLF4() throws ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- "http://www.w3.org%0D%0A");
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, "http://www.w3.org%0D%0A");
request.setMethod("GET");
CorsFilter corsFilter = new CorsFilter();
- corsFilter.init(TesterFilterConfigs
- .getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
- Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS,
- requestType);
+ corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
+ Assert.assertEquals(CorsFilter.CORSRequestType.INVALID_CORS, requestType);
}
@Test
- public void testDecorateRequestDisabled() throws IOException,
- ServletException {
+ public void testDecorateRequestDisabled() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
- request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN,
- TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
+ request.setHeader(CorsFilter.REQUEST_HEADER_ORIGIN, TesterFilterConfigs.HTTPS_WWW_APACHE_ORG);
request.setMethod("GET");
TesterHttpServletResponse response = new TesterHttpServletResponse();
@@ -1524,24 +1283,18 @@ public class TestCorsFilter {
corsFilter.init(TesterFilterConfigs.getFilterConfigDecorateRequestDisabled());
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(response.getHeader(
- CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
- Assert.assertNull(request
- .getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST));
- Assert.assertNull(request
- .getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN));
- Assert.assertNull(request
- .getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS));
- Assert.assertNull(request
- .getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE));
+ Assert.assertTrue(response.getHeader(CorsFilter.RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_ORIGIN).equals("*"));
+ Assert.assertNull(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST));
+ Assert.assertNull(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_ORIGIN));
+ Assert.assertNull(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_HEADERS));
+ Assert.assertNull(request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_REQUEST_TYPE));
}
/*
* A CORS request arrives with a "null" origin which is allowed by default.
*/
@Test
- public void testContentTypeWithParameter() throws IOException,
- ServletException {
+ public void testContentTypeWithParameter() throws IOException, ServletException {
TesterHttpServletRequest request = new TesterHttpServletRequest();
request.setMethod("POST");
@@ -1551,13 +1304,12 @@ public class TestCorsFilter {
CorsFilter corsFilter = new CorsFilter();
corsFilter.init(TesterFilterConfigs.getDefaultFilterConfig());
- CorsFilter.CORSRequestType requestType =
- corsFilter.checkRequestType(request);
+ CorsFilter.CORSRequestType requestType = corsFilter.checkRequestType(request);
Assert.assertEquals(CorsFilter.CORSRequestType.SIMPLE, requestType);
corsFilter.doFilter(request, response, filterChain);
- Assert.assertTrue(((Boolean) request.getAttribute(
- CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
+ Assert.assertTrue(
+ ((Boolean) request.getAttribute(CorsFilter.HTTP_REQUEST_ATTRIBUTE_IS_CORS_REQUEST)).booleanValue());
}
}
diff --git a/test/org/apache/catalina/filters/TestCsrfPreventionFilter.java b/test/org/apache/catalina/filters/TestCsrfPreventionFilter.java
index c625637420..05f0cd2be9 100644
--- a/test/org/apache/catalina/filters/TestCsrfPreventionFilter.java
+++ b/test/org/apache/catalina/filters/TestCsrfPreventionFilter.java
@@ -31,35 +31,29 @@ import org.apache.catalina.startup.TomcatBaseTest;
public class TestCsrfPreventionFilter extends TomcatBaseTest {
- private static final String RESULT_NONCE =
- Constants.CSRF_NONCE_SESSION_ATTR_NAME + "=TESTNONCE";
+ private static final String RESULT_NONCE = Constants.CSRF_NONCE_SESSION_ATTR_NAME + "=TESTNONCE";
- private final HttpServletResponse wrapper =
- new CsrfPreventionFilter.CsrfResponseWrapper(
- new NonEncodingResponse(), Constants.CSRF_NONCE_SESSION_ATTR_NAME, "TESTNONCE");
+ private final HttpServletResponse wrapper = new CsrfPreventionFilter.CsrfResponseWrapper(new NonEncodingResponse(),
+ Constants.CSRF_NONCE_SESSION_ATTR_NAME, "TESTNONCE");
@Test
public void testAddNonceNoQueryNoAnchor() throws Exception {
- Assert.assertEquals("/test?" + RESULT_NONCE ,
- wrapper.encodeRedirectURL("/test"));
+ Assert.assertEquals("/test?" + RESULT_NONCE, wrapper.encodeRedirectURL("/test"));
}
@Test
public void testAddNonceQueryNoAnchor() throws Exception {
- Assert.assertEquals("/test?a=b&" + RESULT_NONCE ,
- wrapper.encodeRedirectURL("/test?a=b"));
+ Assert.assertEquals("/test?a=b&" + RESULT_NONCE, wrapper.encodeRedirectURL("/test?a=b"));
}
@Test
public void testAddNonceNoQueryAnchor() throws Exception {
- Assert.assertEquals("/test?" + RESULT_NONCE + "#c",
- wrapper.encodeRedirectURL("/test#c"));
+ Assert.assertEquals("/test?" + RESULT_NONCE + "#c", wrapper.encodeRedirectURL("/test#c"));
}
@Test
public void testAddNonceQueryAnchor() throws Exception {
- Assert.assertEquals("/test?a=b&" + RESULT_NONCE + "#c",
- wrapper.encodeRedirectURL("/test?a=b#c"));
+ Assert.assertEquals("/test?a=b&" + RESULT_NONCE + "#c", wrapper.encodeRedirectURL("/test?a=b#c"));
}
@Test
@@ -76,8 +70,7 @@ public class TestCsrfPreventionFilter extends TomcatBaseTest {
ObjectOutputStream oos = new ObjectOutputStream(baos);
oos.writeObject(cache);
- ByteArrayInputStream bais =
- new ByteArrayInputStream(baos.toByteArray());
+ ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
ObjectInputStream ois = new ObjectInputStream(bais);
@SuppressWarnings("unchecked")
LruCache<String> cache2 = (LruCache<String>) ois.readObject();
diff --git a/test/org/apache/catalina/filters/TestCsrfPreventionFilter2.java b/test/org/apache/catalina/filters/TestCsrfPreventionFilter2.java
index f8a3281428..9560c44bd5 100644
--- a/test/org/apache/catalina/filters/TestCsrfPreventionFilter2.java
+++ b/test/org/apache/catalina/filters/TestCsrfPreventionFilter2.java
@@ -24,8 +24,8 @@ import org.apache.catalina.filters.CsrfPreventionFilter.LruCache;
public class TestCsrfPreventionFilter2 {
/*
- * When this test fails, it tends to enter a long running loop but it will
- * eventually finish (after ~70s on a 8-core Windows box).
+ * When this test fails, it tends to enter a long running loop but it will eventually finish (after ~70s on a 8-core
+ * Windows box).
*/
@Test
public void testLruCacheConcurrency() throws Exception {
diff --git a/test/org/apache/catalina/filters/TestExpiresFilter.java b/test/org/apache/catalina/filters/TestExpiresFilter.java
index 3217146d32..38acb2eaa2 100644
--- a/test/org/apache/catalina/filters/TestExpiresFilter.java
+++ b/test/org/apache/catalina/filters/TestExpiresFilter.java
@@ -58,14 +58,11 @@ public class TestExpiresFilter extends TomcatBaseTest {
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("ExpiresDefault", "access plus 1 month");
- filterDef.addInitParameter("ExpiresByType text/html",
- "access plus 1 month 15 days 2 hours");
- filterDef.addInitParameter("ExpiresByType image/gif",
- "modification plus 5 hours 3 minutes");
+ filterDef.addInitParameter("ExpiresByType text/html", "access plus 1 month 15 days 2 hours");
+ filterDef.addInitParameter("ExpiresByType image/gif", "modification plus 5 hours 3 minutes");
filterDef.addInitParameter("ExpiresByType image/jpg", "A10000");
filterDef.addInitParameter("ExpiresByType video/mpeg", "M20000");
- filterDef.addInitParameter("ExpiresExcludedResponseStatusCodes",
- "304, 503");
+ filterDef.addInitParameter("ExpiresExcludedResponseStatusCodes", "304, 503");
ExpiresFilter expiresFilter = new ExpiresFilter();
@@ -88,20 +85,16 @@ public class TestExpiresFilter extends TomcatBaseTest {
Assert.assertEquals(503, excludedResponseStatusCodes[1]);
// VERIFY DEFAULT CONFIGURATION
- ExpiresConfiguration expiresConfigurationDefault =
- expiresFilter.getDefaultExpiresConfiguration();
- Assert.assertEquals(StartingPoint.ACCESS_TIME,
- expiresConfigurationDefault.getStartingPoint());
+ ExpiresConfiguration expiresConfigurationDefault = expiresFilter.getDefaultExpiresConfiguration();
+ Assert.assertEquals(StartingPoint.ACCESS_TIME, expiresConfigurationDefault.getStartingPoint());
Assert.assertEquals(1, expiresConfigurationDefault.getDurations().size());
- Assert.assertEquals(DurationUnit.MONTH,
- expiresConfigurationDefault.getDurations().get(0).getUnit());
+ Assert.assertEquals(DurationUnit.MONTH, expiresConfigurationDefault.getDurations().get(0).getUnit());
Assert.assertEquals(1, expiresConfigurationDefault.getDurations().get(0).getAmount());
// VERIFY TEXT/HTML
- ExpiresConfiguration expiresConfigurationTextHtml =
- expiresFilter.getExpiresConfigurationByContentType().get("text/html");
- Assert.assertEquals(StartingPoint.ACCESS_TIME,
- expiresConfigurationTextHtml.getStartingPoint());
+ ExpiresConfiguration expiresConfigurationTextHtml = expiresFilter.getExpiresConfigurationByContentType()
+ .get("text/html");
+ Assert.assertEquals(StartingPoint.ACCESS_TIME, expiresConfigurationTextHtml.getStartingPoint());
Assert.assertEquals(3, expiresConfigurationTextHtml.getDurations().size());
@@ -118,10 +111,9 @@ public class TestExpiresFilter extends TomcatBaseTest {
Assert.assertEquals(2, twoHours.getAmount());
// VERIFY IMAGE/GIF
- ExpiresConfiguration expiresConfigurationImageGif =
- expiresFilter.getExpiresConfigurationByContentType().get("image/gif");
- Assert.assertEquals(StartingPoint.LAST_MODIFICATION_TIME,
- expiresConfigurationImageGif.getStartingPoint());
+ ExpiresConfiguration expiresConfigurationImageGif = expiresFilter.getExpiresConfigurationByContentType()
+ .get("image/gif");
+ Assert.assertEquals(StartingPoint.LAST_MODIFICATION_TIME, expiresConfigurationImageGif.getStartingPoint());
Assert.assertEquals(2, expiresConfigurationImageGif.getDurations().size());
@@ -134,10 +126,9 @@ public class TestExpiresFilter extends TomcatBaseTest {
Assert.assertEquals(3, threeMinutes.getAmount());
// VERIFY IMAGE/JPG
- ExpiresConfiguration expiresConfigurationImageJpg =
- expiresFilter.getExpiresConfigurationByContentType().get("image/jpg");
- Assert.assertEquals(StartingPoint.ACCESS_TIME,
- expiresConfigurationImageJpg.getStartingPoint());
+ ExpiresConfiguration expiresConfigurationImageJpg = expiresFilter.getExpiresConfigurationByContentType()
+ .get("image/jpg");
+ Assert.assertEquals(StartingPoint.ACCESS_TIME, expiresConfigurationImageJpg.getStartingPoint());
Assert.assertEquals(1, expiresConfigurationImageJpg.getDurations().size());
@@ -146,10 +137,9 @@ public class TestExpiresFilter extends TomcatBaseTest {
Assert.assertEquals(10000, tenThousandSeconds.getAmount());
// VERIFY VIDEO/MPEG
- ExpiresConfiguration expiresConfiguration =
- expiresFilter.getExpiresConfigurationByContentType().get("video/mpeg");
- Assert.assertEquals(StartingPoint.LAST_MODIFICATION_TIME,
- expiresConfiguration.getStartingPoint());
+ ExpiresConfiguration expiresConfiguration = expiresFilter.getExpiresConfigurationByContentType()
+ .get("video/mpeg");
+ Assert.assertEquals(StartingPoint.LAST_MODIFICATION_TIME, expiresConfiguration.getStartingPoint());
Assert.assertEquals(1, expiresConfiguration.getDurations().size());
@@ -170,9 +160,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setContentType("text/plain");
// no content is written in the response
}
@@ -184,10 +173,10 @@ public class TestExpiresFilter extends TomcatBaseTest {
@Test
public void testParseExpiresConfigurationCombinedDuration() {
ExpiresFilter expiresFilter = new ExpiresFilter();
- ExpiresConfiguration actualConfiguration = expiresFilter.parseExpiresConfiguration("access plus 1 month 15 days 2 hours");
+ ExpiresConfiguration actualConfiguration = expiresFilter
+ .parseExpiresConfiguration("access plus 1 month 15 days 2 hours");
- Assert.assertEquals(StartingPoint.ACCESS_TIME,
- actualConfiguration.getStartingPoint());
+ Assert.assertEquals(StartingPoint.ACCESS_TIME, actualConfiguration.getStartingPoint());
Assert.assertEquals(3, actualConfiguration.getDurations().size());
@@ -198,14 +187,11 @@ public class TestExpiresFilter extends TomcatBaseTest {
ExpiresFilter expiresFilter = new ExpiresFilter();
ExpiresConfiguration actualConfiguration = expiresFilter.parseExpiresConfiguration("access plus 2 hours");
- Assert.assertEquals(StartingPoint.ACCESS_TIME,
- actualConfiguration.getStartingPoint());
+ Assert.assertEquals(StartingPoint.ACCESS_TIME, actualConfiguration.getStartingPoint());
Assert.assertEquals(1, actualConfiguration.getDurations().size());
- Assert.assertEquals(2,
- actualConfiguration.getDurations().get(0).getAmount());
- Assert.assertEquals(DurationUnit.HOUR,
- actualConfiguration.getDurations().get(0).getUnit());
+ Assert.assertEquals(2, actualConfiguration.getDurations().get(0).getAmount());
+ Assert.assertEquals(DurationUnit.HOUR, actualConfiguration.getDurations().get(0).getUnit());
}
@@ -215,9 +201,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setContentType("text/xml; charset=utf-8");
response.addHeader("Cache-Control", "private, max-age=232");
response.getWriter().print("Hello world");
@@ -233,9 +218,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setStatus(HttpServletResponse.SC_NOT_MODIFIED);
response.addHeader("ETag", "W/\"1934-1269208821000\"");
response.addDateHeader("Date", System.currentTimeMillis());
@@ -251,9 +235,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setContentType(null);
}
};
@@ -267,9 +250,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setContentType("text/xml; charset=utf-8");
response.addDateHeader("Expires", System.currentTimeMillis());
response.getWriter().print("Hello world");
@@ -285,9 +267,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setContentType("text/xml; charset=utf-8");
response.getWriter().print("Hello world");
}
@@ -297,15 +278,13 @@ public class TestExpiresFilter extends TomcatBaseTest {
}
@Test
- public void testUseContentTypeWithoutCharsetExpiresConfiguration()
- throws Exception {
+ public void testUseContentTypeWithoutCharsetExpiresConfiguration() throws Exception {
HttpServlet servlet = new HttpServlet() {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setContentType("text/xml; charset=iso-8859-1");
response.getWriter().print("Hello world");
}
@@ -320,9 +299,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setContentType("image/jpeg");
response.getWriter().print("Hello world");
}
@@ -337,9 +315,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setContentType("image/jpeg");
response.addHeader("Cache-Control", "private");
@@ -356,9 +333,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void service(HttpServletRequest request,
- HttpServletResponse response) throws ServletException,
- IOException {
+ protected void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
response.setContentType("text/json; charset=iso-8859-1");
response.getWriter().print("Hello world");
}
@@ -367,13 +343,11 @@ public class TestExpiresFilter extends TomcatBaseTest {
validate(servlet, Integer.valueOf(7 * 60));
}
- protected void validate(HttpServlet servlet, Integer expectedMaxAgeInSeconds)
- throws Exception {
+ protected void validate(HttpServlet servlet, Integer expectedMaxAgeInSeconds) throws Exception {
validate(servlet, expectedMaxAgeInSeconds, HttpServletResponse.SC_OK);
}
- protected void validate(HttpServlet servlet,
- Integer expectedMaxAgeInSeconds, int expectedResponseStatusCode)
+ protected void validate(HttpServlet servlet, Integer expectedMaxAgeInSeconds, int expectedResponseStatusCode)
throws Exception {
// SETUP
@@ -383,14 +357,10 @@ public class TestExpiresFilter extends TomcatBaseTest {
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("ExpiresDefault", "access plus 1 minute");
- filterDef.addInitParameter("ExpiresByType text/xml;charset=utf-8",
- "access plus 3 minutes");
- filterDef.addInitParameter("ExpiresByType text/xml",
- "access plus 5 minutes");
- filterDef.addInitParameter("ExpiresByType text",
- "access plus 7 minutes");
- filterDef.addInitParameter("ExpiresExcludedResponseStatusCodes",
- "304, 503");
+ filterDef.addInitParameter("ExpiresByType text/xml;charset=utf-8", "access plus 3 minutes");
+ filterDef.addInitParameter("ExpiresByType text/xml", "access plus 5 minutes");
+ filterDef.addInitParameter("ExpiresByType text", "access plus 7 minutes");
+ filterDef.addInitParameter("ExpiresExcludedResponseStatusCodes", "304, 503");
filterDef.setFilterClass(ExpiresFilter.class.getName());
filterDef.setFilterName(ExpiresFilter.class.getName());
@@ -413,7 +383,7 @@ public class TestExpiresFilter extends TomcatBaseTest {
// TEST
ByteChunk bc = new ByteChunk();
- Map<String,List<String>> responseHeaders = new HashMap<>();
+ Map<String, List<String>> responseHeaders = new HashMap<>();
int rc = getUrl("http://localhost:" + getPort() + "/test", bc, responseHeaders);
// VALIDATE
@@ -422,9 +392,7 @@ public class TestExpiresFilter extends TomcatBaseTest {
StringBuilder msg = new StringBuilder();
for (Entry<String, List<String>> field : responseHeaders.entrySet()) {
for (String value : field.getValue()) {
- msg.append((field.getKey() == null ? "" : field.getKey() +
- ": ") +
- value + "\n");
+ msg.append((field.getKey() == null ? "" : field.getKey() + ": ") + value + "\n");
}
}
System.out.println(msg);
@@ -437,13 +405,10 @@ public class TestExpiresFilter extends TomcatBaseTest {
actualMaxAgeInSeconds = null;
} else {
actualMaxAgeInSeconds = null;
- StringTokenizer cacheControlTokenizer = new StringTokenizer(
- cacheControlHeader, ",");
- while (cacheControlTokenizer.hasMoreTokens() &&
- actualMaxAgeInSeconds == null) {
+ StringTokenizer cacheControlTokenizer = new StringTokenizer(cacheControlHeader, ",");
+ while (cacheControlTokenizer.hasMoreTokens() && actualMaxAgeInSeconds == null) {
String cacheDirective = cacheControlTokenizer.nextToken();
- StringTokenizer cacheDirectiveTokenizer = new StringTokenizer(
- cacheDirective, "=");
+ StringTokenizer cacheDirectiveTokenizer = new StringTokenizer(cacheDirective, "=");
if (cacheDirectiveTokenizer.countTokens() == 2) {
String key = cacheDirectiveTokenizer.nextToken().trim();
String value = cacheDirectiveTokenizer.nextToken().trim();
@@ -455,8 +420,7 @@ public class TestExpiresFilter extends TomcatBaseTest {
}
if (expectedMaxAgeInSeconds == null) {
- Assert.assertNull("actualMaxAgeInSeconds '" +
- actualMaxAgeInSeconds + "' should be null",
+ Assert.assertNull("actualMaxAgeInSeconds '" + actualMaxAgeInSeconds + "' should be null",
actualMaxAgeInSeconds);
return;
}
@@ -465,12 +429,9 @@ public class TestExpiresFilter extends TomcatBaseTest {
String contentType = getSingleHeader("Content-Type", responseHeaders);
- int deltaInSeconds = Math.abs(actualMaxAgeInSeconds.intValue() -
- expectedMaxAgeInSeconds.intValue());
- Assert.assertTrue("actualMaxAgeInSeconds: " +
- actualMaxAgeInSeconds + ", expectedMaxAgeInSeconds: " +
- expectedMaxAgeInSeconds + ", request time: " +
- timeBeforeInMillis + " for content type " +
+ int deltaInSeconds = Math.abs(actualMaxAgeInSeconds.intValue() - expectedMaxAgeInSeconds.intValue());
+ Assert.assertTrue("actualMaxAgeInSeconds: " + actualMaxAgeInSeconds + ", expectedMaxAgeInSeconds: " +
+ expectedMaxAgeInSeconds + ", request time: " + timeBeforeInMillis + " for content type " +
contentType, deltaInSeconds < 3);
} finally {
@@ -480,8 +441,7 @@ public class TestExpiresFilter extends TomcatBaseTest {
@Test
public void testIntsToCommaDelimitedString() {
- String actual = ExpiresFilter.intsToCommaDelimitedString(new int[] {
- 500, 503 });
+ String actual = ExpiresFilter.intsToCommaDelimitedString(new int[] { 500, 503 });
String expected = "500, 503";
Assert.assertEquals(expected, actual);
@@ -489,10 +449,8 @@ public class TestExpiresFilter extends TomcatBaseTest {
/*
- * Tests Expires filter with:
- * - per content type expires
- * - no default
- * - Default servlet returning 304s (without content-type)
+ * Tests Expires filter with: - per content type expires - no default - Default servlet returning 304s (without
+ * content-type)
*/
@Test
public void testBug63909() throws Exception {
@@ -519,22 +477,21 @@ public class TestExpiresFilter extends TomcatBaseTest {
tomcat.start();
ByteChunk bc = new ByteChunk();
- Map<String,List<String>> requestHeaders = new CaseInsensitiveKeyMap<>();
+ Map<String, List<String>> requestHeaders = new CaseInsensitiveKeyMap<>();
List<String> ifModifiedSinceValues = new ArrayList<>();
ifModifiedSinceValues.add(FastHttpDateFormat.getCurrentDate());
requestHeaders.put("If-Modified-Since", ifModifiedSinceValues);
- Map<String,List<String>> responseHeaders = new CaseInsensitiveKeyMap<>();
+ Map<String, List<String>> responseHeaders = new CaseInsensitiveKeyMap<>();
- int rc = getUrl("http://localhost:" + getPort() + "/test/bug6nnnn/bug69303.txt", bc, requestHeaders, responseHeaders);
+ int rc = getUrl("http://localhost:" + getPort() + "/test/bug6nnnn/bug69303.txt", bc, requestHeaders,
+ responseHeaders);
Assert.assertEquals(HttpServletResponse.SC_NOT_MODIFIED, rc);
StringBuilder msg = new StringBuilder();
for (Entry<String, List<String>> field : responseHeaders.entrySet()) {
for (String value : field.getValue()) {
- msg.append((field.getKey() == null ? "" : field.getKey() +
- ": ") +
- value + "\n");
+ msg.append((field.getKey() == null ? "" : field.getKey() + ": ") + value + "\n");
}
}
System.out.println(msg);
@@ -547,13 +504,10 @@ public class TestExpiresFilter extends TomcatBaseTest {
actualMaxAgeInSeconds = null;
} else {
actualMaxAgeInSeconds = null;
- StringTokenizer cacheControlTokenizer = new StringTokenizer(
- cacheControlHeader, ",");
- while (cacheControlTokenizer.hasMoreTokens() &&
- actualMaxAgeInSeconds == null) {
+ StringTokenizer cacheControlTokenizer = new StringTokenizer(cacheControlHeader, ",");
+ while (cacheControlTokenizer.hasMoreTokens() && actualMaxAgeInSeconds == null) {
String cacheDirective = cacheControlTokenizer.nextToken();
- StringTokenizer cacheDirectiveTokenizer = new StringTokenizer(
- cacheDirective, "=");
+ StringTokenizer cacheDirectiveTokenizer = new StringTokenizer(cacheDirective, "=");
if (cacheDirectiveTokenizer.countTokens() == 2) {
String key = cacheDirectiveTokenizer.nextToken().trim();
String value = cacheDirectiveTokenizer.nextToken().trim();
diff --git a/test/org/apache/catalina/filters/TestRemoteIpFilter.java b/test/org/apache/catalina/filters/TestRemoteIpFilter.java
index 2387c3cb98..8e9b2915bd 100644
--- a/test/org/apache/catalina/filters/TestRemoteIpFilter.java
+++ b/test/org/apache/catalina/filters/TestRemoteIpFilter.java
@@ -57,8 +57,7 @@ import org.apache.tomcat.util.descriptor.web.FilterMap;
public class TestRemoteIpFilter extends TomcatBaseTest {
/**
- * Mock {@link FilterChain} to keep a handle on the passed
- * {@link ServletRequest} and (@link ServletResponse}.
+ * Mock {@link FilterChain} to keep a handle on the passed {@link ServletRequest} and (@link ServletResponse}.
*/
public static class MockFilterChain implements FilterChain {
private HttpServletRequest request;
@@ -91,7 +90,8 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
public boolean isSecure;
@Override
- public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+ public void service(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
this.isSecure = request.isSecure();
this.remoteAddr = request.getRemoteAddr();
this.remoteHost = request.getRemoteHost();
@@ -337,7 +337,8 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2",
+ actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -372,7 +373,8 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2,proxy3", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2,proxy3",
+ actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -406,7 +408,8 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2,proxy3", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2,proxy3",
+ actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -440,7 +443,8 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2",
+ actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -473,7 +477,8 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2",
+ actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -534,10 +539,12 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
// VERIFY
String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
- Assert.assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130,proxy1", actualXForwardedFor);
+ Assert.assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130,proxy1",
+ actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
- Assert.assertEquals("ip/host after untrusted-proxy must appear in x-forwarded-by", "proxy2", actualXForwardedBy);
+ Assert.assertEquals("ip/host after untrusted-proxy must appear in x-forwarded-by", "proxy2",
+ actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "untrusted-proxy", actualRemoteAddr);
@@ -689,16 +696,13 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
- Assert.assertEquals("org.apache.catalina.AccessLog.ServerPort",
- Integer.valueOf(8080),
+ Assert.assertEquals("org.apache.catalina.AccessLog.ServerPort", Integer.valueOf(8080),
actualRequest.getAttribute(AccessLog.SERVER_PORT_ATTRIBUTE));
- Assert.assertEquals("org.apache.catalina.AccessLog.RemoteAddr",
- "140.211.11.130",
+ Assert.assertEquals("org.apache.catalina.AccessLog.RemoteAddr", "140.211.11.130",
actualRequest.getAttribute(AccessLog.REMOTE_ADDR_ATTRIBUTE));
- Assert.assertEquals("org.apache.catalina.AccessLog.RemoteHost",
- "140.211.11.130",
+ Assert.assertEquals("org.apache.catalina.AccessLog.RemoteHost", "140.211.11.130",
actualRequest.getAttribute(AccessLog.REMOTE_HOST_ATTRIBUTE));
}
@@ -719,8 +723,7 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
- Assert.assertEquals("org.apache.tomcat.request.forwarded",
- Boolean.TRUE,
+ Assert.assertEquals("org.apache.tomcat.request.forwarded", Boolean.TRUE,
actualRequest.getAttribute(Globals.REQUEST_FORWARDED_ATTRIBUTE));
}
@@ -759,8 +762,7 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
// TEST
HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(
- "http://localhost:" + tomcat.getConnector().getLocalPort() +
- "/test").openConnection();
+ "http://localhost:" + tomcat.getConnector().getLocalPort() + "/test").openConnection();
String expectedRemoteAddr = "my-remote-addr";
httpURLConnection.addRequestProperty("x-forwarded-for", expectedRemoteAddr);
httpURLConnection.addRequestProperty("x-forwarded-proto", "https");
@@ -818,8 +820,7 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
reqHeaders.put("x-forwarded-for", forwardedFor);
reqHeaders.put("x-forwarded-proto", forwardedProto);
- getUrl("http://localhost:" + tomcat.getConnector().getLocalPort() +
- "/test", null, reqHeaders, resHeaders);
+ getUrl("http://localhost:" + tomcat.getConnector().getLocalPort() + "/test", null, reqHeaders, resHeaders);
String setCookie = resHeaders.get("Set-Cookie").get(0);
Assert.assertTrue(setCookie.contains("Secure"));
Assert.assertTrue(bug66471Servlet.isSecure.booleanValue());
@@ -828,6 +829,7 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
public static class Bug66471Servlet extends HttpServlet {
private static final long serialVersionUID = 1L;
public Boolean isSecure;
+
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
req.getSession();
diff --git a/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter.java b/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter.java
index 633e1d533a..9ee91c695a 100644
--- a/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter.java
+++ b/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter.java
@@ -113,8 +113,7 @@ public class TestRestCsrfPreventionFilter {
@Test
public void testGetFetchRequestSessionNoNonce() throws Exception {
setRequestExpectations(GET_METHOD, session, Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE);
- EasyMock.expect(session.getAttribute(Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME))
- .andReturn(null);
+ EasyMock.expect(session.getAttribute(Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME)).andReturn(null);
session.setAttribute(Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME, NONCE);
EasyMock.expectLastCall();
EasyMock.replay(session);
@@ -132,8 +131,7 @@ public class TestRestCsrfPreventionFilter {
@Test
public void testGetFetchRequestSessionNonce() throws Exception {
setRequestExpectations(GET_METHOD, session, Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE);
- EasyMock.expect(session.getAttribute(Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME))
- .andReturn(NONCE);
+ EasyMock.expect(session.getAttribute(Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME)).andReturn(NONCE);
EasyMock.replay(session);
filter.doFilter(request, response, filterChain);
verifyContinueChainNonceAvailable();
@@ -168,15 +166,13 @@ public class TestRestCsrfPreventionFilter {
@Test
public void testPostRequestInvalidNonceAsParameterValidPath() throws Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] { INVALID_NONCE },
- ACCEPTED_PATH1);
+ setRequestExpectations(POST_METHOD, session, null, new String[] { INVALID_NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, true);
}
@Test
public void testPostRequestValidNonceAsParameterInvalidPath() throws Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] { NONCE }, ACCEPTED_PATH1
- + "blah");
+ setRequestExpectations(POST_METHOD, session, null, new String[] { NONCE }, ACCEPTED_PATH1 + "blah");
testPostRequestParamsScenarios(NONCE, true, true);
}
@@ -194,8 +190,7 @@ public class TestRestCsrfPreventionFilter {
@Test
public void testPostRequestValidNonceAsParameterInvalidNonceAsHeader() throws Exception {
- setRequestExpectations(POST_METHOD, session, INVALID_NONCE, new String[] { NONCE },
- ACCEPTED_PATH1);
+ setRequestExpectations(POST_METHOD, session, INVALID_NONCE, new String[] { NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, true);
}
@@ -207,43 +202,39 @@ public class TestRestCsrfPreventionFilter {
@Test
public void testPostRequestMultipleValidNoncesAsParameterValidPath() throws Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] { NONCE, NONCE },
- ACCEPTED_PATH1);
+ setRequestExpectations(POST_METHOD, session, null, new String[] { NONCE, NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, false, true);
}
@Test
public void testPostRequestMultipleNoncesAsParameterValidPath() throws Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] { NONCE, INVALID_NONCE },
- ACCEPTED_PATH1);
+ setRequestExpectations(POST_METHOD, session, null, new String[] { NONCE, INVALID_NONCE }, ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, true);
}
@Test
public void testPostRequestMultipleInvalidNoncesAsParameterValidPath() throws Exception {
- setRequestExpectations(POST_METHOD, session, null, new String[] { INVALID_NONCE,
- INVALID_NONCE }, ACCEPTED_PATH1);
+ setRequestExpectations(POST_METHOD, session, null, new String[] { INVALID_NONCE, INVALID_NONCE },
+ ACCEPTED_PATH1);
testPostRequestParamsScenarios(NONCE, true, true);
}
@Test
public void testGETRequestFetchNonceAsParameter() throws Exception {
- setRequestExpectations(GET_METHOD, null, null,
- new String[] { Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE }, ACCEPTED_PATH1);
+ setRequestExpectations(GET_METHOD, null, null, new String[] { Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE },
+ ACCEPTED_PATH1);
filter.setPathsAcceptingParams(ACCEPTED_PATHS);
filter.doFilter(request, response, filterChain);
verifyContinueChainNonceNotAvailable();
}
- private void testPostRequestHeaderScenarios(String sessionAttr, boolean denyResponse)
- throws Exception {
+ private void testPostRequestHeaderScenarios(String sessionAttr, boolean denyResponse) throws Exception {
testPostRequestParamsScenarios(sessionAttr, denyResponse, false);
}
- private void testPostRequestParamsScenarios(String sessionAttr, boolean denyResponse,
- boolean configurePaths) throws Exception {
- EasyMock.expect(session.getAttribute(Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME))
- .andReturn(sessionAttr);
+ private void testPostRequestParamsScenarios(String sessionAttr, boolean denyResponse, boolean configurePaths)
+ throws Exception {
+ EasyMock.expect(session.getAttribute(Constants.CSRF_REST_NONCE_SESSION_ATTR_NAME)).andReturn(sessionAttr);
EasyMock.replay(session);
if (configurePaths) {
filter.setPathsAcceptingParams(ACCEPTED_PATHS);
@@ -261,8 +252,8 @@ public class TestRestCsrfPreventionFilter {
setRequestExpectations(method, session, headerValue, null, null);
}
- private void setRequestExpectations(String method, HttpSession session, String headerValue,
- String[] paramValues, String servletPath) {
+ private void setRequestExpectations(String method, HttpSession session, String headerValue, String[] paramValues,
+ String servletPath) {
request.setMethod(method);
request.setSession(session);
request.setHeader(Constants.CSRF_REST_NONCE_HEADER_NAME, headerValue);
@@ -285,8 +276,8 @@ public class TestRestCsrfPreventionFilter {
}
private void verifyDenyResponse(int statusCode) {
- Assert.assertTrue(Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE.equals(response
- .getHeader(Constants.CSRF_REST_NONCE_HEADER_NAME)));
+ Assert.assertTrue(Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE
+ .equals(response.getHeader(Constants.CSRF_REST_NONCE_HEADER_NAME)));
Assert.assertTrue(statusCode == response.getStatus());
Assert.assertTrue(!filterChain.isVisited());
}
@@ -295,8 +286,7 @@ public class TestRestCsrfPreventionFilter {
private boolean visited = false;
@Override
- public void doFilter(ServletRequest request, ServletResponse response) throws IOException,
- ServletException {
+ public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
visited = true;
}
diff --git a/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter2.java b/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter2.java
index 86e4d2d655..eb74714a71 100644
--- a/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter2.java
+++ b/test/org/apache/catalina/filters/TestRestCsrfPreventionFilter2.java
@@ -121,85 +121,71 @@ public class TestRestCsrfPreventionFilter2 extends TomcatBaseTest {
}
private void testClearGet() throws Exception {
- doTest(METHOD_GET, LIST_CUSTOMERS, CREDENTIALS, null, NO_COOKIES,
- HttpServletResponse.SC_OK, CUSTOMERS_LIST_RESPONSE, null, false, null);
+ doTest(METHOD_GET, LIST_CUSTOMERS, CREDENTIALS, null, NO_COOKIES, HttpServletResponse.SC_OK,
+ CUSTOMERS_LIST_RESPONSE, null, false, null);
}
private void testClearPost() throws Exception {
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, NO_COOKIES,
- HttpServletResponse.SC_FORBIDDEN, null, null, true,
- Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, NO_COOKIES, HttpServletResponse.SC_FORBIDDEN, null,
+ null, true, Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
}
private void testGetFirstFetch() throws Exception {
- doTest(METHOD_GET, LIST_CUSTOMERS, CREDENTIALS, null, NO_COOKIES,
- HttpServletResponse.SC_OK, CUSTOMERS_LIST_RESPONSE,
- Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE, true, null);
+ doTest(METHOD_GET, LIST_CUSTOMERS, CREDENTIALS, null, NO_COOKIES, HttpServletResponse.SC_OK,
+ CUSTOMERS_LIST_RESPONSE, Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE, true, null);
}
private void testValidPost() throws Exception {
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
- HttpServletResponse.SC_OK, CUSTOMER_REMOVED_RESPONSE, validNonce, false, null);
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES, HttpServletResponse.SC_OK,
+ CUSTOMER_REMOVED_RESPONSE, validNonce, false, null);
}
private void testInvalidPost() throws Exception {
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
- HttpServletResponse.SC_FORBIDDEN, null,
- Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE, true,
- Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
- HttpServletResponse.SC_FORBIDDEN, null, INVALID_NONCE_1, true,
- Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
- HttpServletResponse.SC_FORBIDDEN, null, INVALID_NONCE_2, true,
- Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES,
- HttpServletResponse.SC_FORBIDDEN, null, null, true,
- Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null,
+ Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE, true, Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null,
+ INVALID_NONCE_1, true, Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null,
+ INVALID_NONCE_2, true, Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, null, USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null,
+ null, true, Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
}
private void testGetSecondFetch() throws Exception {
- doTest(METHOD_GET, LIST_CUSTOMERS, CREDENTIALS, null, USE_COOKIES,
- HttpServletResponse.SC_OK, CUSTOMERS_LIST_RESPONSE,
- Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE, true, validNonce);
+ doTest(METHOD_GET, LIST_CUSTOMERS, CREDENTIALS, null, USE_COOKIES, HttpServletResponse.SC_OK,
+ CUSTOMERS_LIST_RESPONSE, Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE, true, validNonce);
}
private void testValidPostWithRequestParams() throws Exception {
String validBody = Constants.CSRF_REST_NONCE_HEADER_NAME + "=" + validNonce;
String invalidbody = Constants.CSRF_REST_NONCE_HEADER_NAME + "=" + INVALID_NONCE_1;
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS,
- validBody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, validBody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
HttpServletResponse.SC_OK, CUSTOMER_REMOVED_RESPONSE, null, false, null);
- doTest(METHOD_POST, ADD_CUSTOMER, CREDENTIALS,
- validBody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
+ doTest(METHOD_POST, ADD_CUSTOMER, CREDENTIALS, validBody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
HttpServletResponse.SC_OK, CUSTOMER_ADDED_RESPONSE, null, false, null);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS,
- invalidbody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
- HttpServletResponse.SC_OK, CUSTOMER_REMOVED_RESPONSE, validNonce, false, null);
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, invalidbody.getBytes(StandardCharsets.ISO_8859_1),
+ USE_COOKIES, HttpServletResponse.SC_OK, CUSTOMER_REMOVED_RESPONSE, validNonce, false, null);
}
private void testInvalidPostWithRequestParams() throws Exception {
String validBody = Constants.CSRF_REST_NONCE_HEADER_NAME + "=" + validNonce;
String invalidbody1 = Constants.CSRF_REST_NONCE_HEADER_NAME + "=" + INVALID_NONCE_1;
- String invalidbody2 = Constants.CSRF_REST_NONCE_HEADER_NAME + "="
- + Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE;
- doTest(METHOD_POST, REMOVE_ALL_CUSTOMERS, CREDENTIALS,
- validBody.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
- HttpServletResponse.SC_FORBIDDEN, null, null, true,
+ String invalidbody2 = Constants.CSRF_REST_NONCE_HEADER_NAME + "=" +
+ Constants.CSRF_REST_NONCE_HEADER_FETCH_VALUE;
+ doTest(METHOD_POST, REMOVE_ALL_CUSTOMERS, CREDENTIALS, validBody.getBytes(StandardCharsets.ISO_8859_1),
+ USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null, null, true,
Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS,
- invalidbody1.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
- HttpServletResponse.SC_FORBIDDEN, null, null, true,
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, invalidbody1.getBytes(StandardCharsets.ISO_8859_1),
+ USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null, null, true,
Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
- doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS,
- invalidbody2.getBytes(StandardCharsets.ISO_8859_1), USE_COOKIES,
- HttpServletResponse.SC_FORBIDDEN, null, null, true,
+ doTest(METHOD_POST, REMOVE_CUSTOMER, CREDENTIALS, invalidbody2.getBytes(StandardCharsets.ISO_8859_1),
+ USE_COOKIES, HttpServletResponse.SC_FORBIDDEN, null, null, true,
Constants.CSRF_REST_NONCE_HEADER_REQUIRED_VALUE);
}
- private void doTest(String method, String uri, BasicCredentials credentials, byte[] body,
- boolean useCookie, int expectedRC, String expectedResponse, String nonce,
- boolean expectCsrfRH, String expectedCsrfRHV) throws Exception {
+ private void doTest(String method, String uri, BasicCredentials credentials, byte[] body, boolean useCookie,
+ int expectedRC, String expectedResponse, String nonce, boolean expectCsrfRH, String expectedCsrfRHV)
+ throws Exception {
Map<String, List<String>> reqHeaders = new HashMap<>();
Map<String, List<String>> respHeaders = new HashMap<>();
@@ -262,8 +248,7 @@ public class TestRestCsrfPreventionFilter2 extends TomcatBaseTest {
}
}
- private void addNonce(Map<String, List<String>> reqHeaders, String nonce,
- Predicate<String> tester) {
+ private void addNonce(Map<String, List<String>> reqHeaders, String nonce, Predicate<String> tester) {
if (tester.test(nonce)) {
addRequestHeader(reqHeaders, Constants.CSRF_REST_NONCE_HEADER_NAME, nonce);
}
@@ -341,16 +326,14 @@ public class TestRestCsrfPreventionFilter2 extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
if (Objects.equals(LIST_CUSTOMERS, getRequestedPath(req))) {
resp.getWriter().print(CUSTOMERS_LIST_RESPONSE);
}
}
@Override
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
if (Objects.equals(REMOVE_CUSTOMER, getRequestedPath(req))) {
resp.getWriter().print(CUSTOMER_REMOVED_RESPONSE);
} else if (Objects.equals(ADD_CUSTOMER, getRequestedPath(req))) {
diff --git a/test/org/apache/catalina/filters/TesterFilterChain.java b/test/org/apache/catalina/filters/TesterFilterChain.java
index 9b3390eaa7..165711d824 100644
--- a/test/org/apache/catalina/filters/TesterFilterChain.java
+++ b/test/org/apache/catalina/filters/TesterFilterChain.java
@@ -26,8 +26,7 @@ import jakarta.servlet.ServletResponse;
public class TesterFilterChain implements FilterChain {
@Override
- public void doFilter(ServletRequest request, ServletResponse response)
- throws IOException, ServletException {
+ public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
// NoOp
}
}
diff --git a/test/org/apache/catalina/filters/TesterFilterConfigs.java b/test/org/apache/catalina/filters/TesterFilterConfigs.java
index 43826e0226..bf70c9c509 100644
--- a/test/org/apache/catalina/filters/TesterFilterConfigs.java
+++ b/test/org/apache/catalina/filters/TesterFilterConfigs.java
@@ -25,141 +25,105 @@ import org.apache.tomcat.unittest.TesterServletContext;
public class TesterFilterConfigs {
public static final String HTTPS_WWW_APACHE_ORG = "https://www.apache.org";
- public static final String HTTP_TOMCAT_APACHE_ORG =
- "http://tomcat.apache.org";
+ public static final String HTTP_TOMCAT_APACHE_ORG = "http://tomcat.apache.org";
public static final String EXPOSED_HEADERS = "X-CUSTOM-HEADER";
/**
* Any origin
*/
public static final String ANY_ORIGIN = "*";
- public static final TesterServletContext mockServletContext =
- new TesterServletContext();
+ public static final TesterServletContext mockServletContext = new TesterServletContext();
// Default config for the test is to allow any origin
public static FilterConfig getDefaultFilterConfig() {
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
final String allowedOrigins = ANY_ORIGIN;
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
- final String supportCredentials =
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
- final String preflightMaxAge =
- CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
+ final String supportCredentials = CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
+ final String preflightMaxAge = CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
public static FilterConfig getFilterConfigAnyOriginAndSupportsCredentials() {
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
final String allowedOrigins = ANY_ORIGIN;
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
final String supportCredentials = "true";
- final String preflightMaxAge =
- CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
+ final String preflightMaxAge = CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
- public static FilterConfig
- getFilterConfigAnyOriginAndSupportsCredentialsDisabled() {
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
+ public static FilterConfig getFilterConfigAnyOriginAndSupportsCredentialsDisabled() {
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
final String allowedOrigins = ANY_ORIGIN;
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
final String supportCredentials = "false";
- final String preflightMaxAge =
- CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
+ final String preflightMaxAge = CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
- public static FilterConfig
- getFilterConfigSpecificOriginAndSupportsCredentialsDisabled() {
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
- final String allowedOrigins =
- HTTP_TOMCAT_APACHE_ORG + "," + HTTPS_WWW_APACHE_ORG;
+ public static FilterConfig getFilterConfigSpecificOriginAndSupportsCredentialsDisabled() {
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
+ final String allowedOrigins = HTTP_TOMCAT_APACHE_ORG + "," + HTTPS_WWW_APACHE_ORG;
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
final String supportCredentials = "false";
- final String preflightMaxAge =
- CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
+ final String preflightMaxAge = CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
public static FilterConfig getFilterConfigSpecificOriginNullAllowed() {
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
final String allowedOrigins = HTTP_TOMCAT_APACHE_ORG + ",null";
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
- final String supportCredentials =
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
- final String preflightMaxAge =
- CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
+ final String supportCredentials = CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
+ final String preflightMaxAge = CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
public static FilterConfig getFilterConfigWithExposedHeaders() {
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
final String allowedOrigins = ANY_ORIGIN;
final String exposedHeaders = EXPOSED_HEADERS;
- final String supportCredentials =
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
- final String preflightMaxAge =
- CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
+ final String supportCredentials = CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
+ final String preflightMaxAge = CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
public static FilterConfig getSecureFilterConfig() {
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
final String allowedOrigins = HTTPS_WWW_APACHE_ORG;
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
final String supportCredentials = "true";
- final String preflightMaxAge =
- CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
+ final String preflightMaxAge = CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
public static FilterConfig getNullFilterConfig() {
@@ -167,59 +131,44 @@ public class TesterFilterConfigs {
}
public static FilterConfig getSpecificOriginFilterConfig() {
- final String allowedOrigins =
- HTTPS_WWW_APACHE_ORG + "," + HTTP_TOMCAT_APACHE_ORG;
+ final String allowedOrigins = HTTPS_WWW_APACHE_ORG + "," + HTTP_TOMCAT_APACHE_ORG;
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
- final String supportCredentials =
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
- final String preflightMaxAge =
- CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
+ final String supportCredentials = CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
+ final String preflightMaxAge = CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
public static FilterConfig getSpecificOriginFilterConfigNegativeMaxAge() {
- final String allowedOrigins =
- HTTPS_WWW_APACHE_ORG + "," + HTTP_TOMCAT_APACHE_ORG;
+ final String allowedOrigins = HTTPS_WWW_APACHE_ORG + "," + HTTP_TOMCAT_APACHE_ORG;
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS + ",PUT";
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
- final String supportCredentials =
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
+ final String supportCredentials = CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
final String preflightMaxAge = "-1";
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
public static FilterConfig getFilterConfigInvalidMaxPreflightAge() {
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
final String allowedOrigins = CorsFilter.DEFAULT_ALLOWED_ORIGINS;
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
- final String supportCredentials =
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
+ final String supportCredentials = CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
final String preflightMaxAge = "abc";
final String decorateRequest = CorsFilter.DEFAULT_DECORATE_REQUEST;
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
public static FilterConfig getEmptyFilterConfig() {
@@ -231,34 +180,26 @@ public class TesterFilterConfigs {
final String preflightMaxAge = "";
final String decorateRequest = "";
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
public static FilterConfig getFilterConfigDecorateRequestDisabled() {
- final String allowedHttpHeaders =
- CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
- final String allowedHttpMethods =
- CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
+ final String allowedHttpHeaders = CorsFilter.DEFAULT_ALLOWED_HTTP_HEADERS;
+ final String allowedHttpMethods = CorsFilter.DEFAULT_ALLOWED_HTTP_METHODS;
final String allowedOrigins = ANY_ORIGIN;
final String exposedHeaders = CorsFilter.DEFAULT_EXPOSED_HEADERS;
- final String supportCredentials =
- CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
- final String preflightMaxAge =
- CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
+ final String supportCredentials = CorsFilter.DEFAULT_SUPPORTS_CREDENTIALS;
+ final String preflightMaxAge = CorsFilter.DEFAULT_PREFLIGHT_MAXAGE;
final String decorateRequest = "false";
- return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods,
- allowedOrigins, exposedHeaders, supportCredentials,
- preflightMaxAge, decorateRequest);
+ return generateFilterConfig(allowedHttpHeaders, allowedHttpMethods, allowedOrigins, exposedHeaders,
+ supportCredentials, preflightMaxAge, decorateRequest);
}
- private static FilterConfig generateFilterConfig(
- final String allowedHttpHeaders, final String allowedHttpMethods,
- final String allowedOrigins, final String exposedHeaders,
- final String supportCredentials, final String preflightMaxAge,
- final String decorateRequest) {
+ private static FilterConfig generateFilterConfig(final String allowedHttpHeaders, final String allowedHttpMethods,
+ final String allowedOrigins, final String exposedHeaders, final String supportCredentials,
+ final String preflightMaxAge, final String decorateRequest) {
FilterConfig filterConfig = new FilterConfig() {
@Override
@@ -273,26 +214,19 @@ public class TesterFilterConfigs {
@Override
public String getInitParameter(String name) {
- if (CorsFilter.PARAM_CORS_ALLOWED_HEADERS
- .equalsIgnoreCase(name)) {
+ if (CorsFilter.PARAM_CORS_ALLOWED_HEADERS.equalsIgnoreCase(name)) {
return allowedHttpHeaders;
- } else if (CorsFilter.PARAM_CORS_ALLOWED_METHODS
- .equalsIgnoreCase(name)) {
+ } else if (CorsFilter.PARAM_CORS_ALLOWED_METHODS.equalsIgnoreCase(name)) {
return allowedHttpMethods;
- } else if (CorsFilter.PARAM_CORS_ALLOWED_ORIGINS
- .equalsIgnoreCase(name)) {
+ } else if (CorsFilter.PARAM_CORS_ALLOWED_ORIGINS.equalsIgnoreCase(name)) {
return allowedOrigins;
- } else if (CorsFilter.PARAM_CORS_EXPOSED_HEADERS
- .equalsIgnoreCase(name)) {
+ } else if (CorsFilter.PARAM_CORS_EXPOSED_HEADERS.equalsIgnoreCase(name)) {
return exposedHeaders;
- } else if (CorsFilter.PARAM_CORS_SUPPORT_CREDENTIALS
- .equalsIgnoreCase(name)) {
+ } else if (CorsFilter.PARAM_CORS_SUPPORT_CREDENTIALS.equalsIgnoreCase(name)) {
return supportCredentials;
- } else if (CorsFilter.PARAM_CORS_PREFLIGHT_MAXAGE
- .equalsIgnoreCase(name)) {
+ } else if (CorsFilter.PARAM_CORS_PREFLIGHT_MAXAGE.equalsIgnoreCase(name)) {
return preflightMaxAge;
- } else if (CorsFilter.PARAM_CORS_REQUEST_DECORATE
- .equalsIgnoreCase(name)) {
+ } else if (CorsFilter.PARAM_CORS_REQUEST_DECORATE.equalsIgnoreCase(name)) {
return decorateRequest;
}
return null;
diff --git a/test/org/apache/catalina/filters/TesterHttpServletRequest.java b/test/org/apache/catalina/filters/TesterHttpServletRequest.java
index e4350e1d89..449963e6ec 100644
--- a/test/org/apache/catalina/filters/TesterHttpServletRequest.java
+++ b/test/org/apache/catalina/filters/TesterHttpServletRequest.java
@@ -112,7 +112,7 @@ public class TesterHttpServletRequest implements HttpServletRequest {
}
@Override
- public Map<String,String[]> getParameterMap() {
+ public Map<String, String[]> getParameterMap() {
throw new RuntimeException("Not implemented");
}
@@ -370,8 +370,8 @@ public class TesterHttpServletRequest implements HttpServletRequest {
}
@Override
- public AsyncContext startAsync(ServletRequest servletRequest,
- ServletResponse servletResponse) throws IllegalStateException {
+ public AsyncContext startAsync(ServletRequest servletRequest, ServletResponse servletResponse)
+ throws IllegalStateException {
throw new RuntimeException("Not implemented");
}
@@ -401,14 +401,12 @@ public class TesterHttpServletRequest implements HttpServletRequest {
}
@Override
- public boolean authenticate(HttpServletResponse response)
- throws IOException, ServletException {
+ public boolean authenticate(HttpServletResponse response) throws IOException, ServletException {
throw new RuntimeException("Not implemented");
}
@Override
- public void login(String username, String password)
- throws ServletException {
+ public void login(String username, String password) throws ServletException {
throw new RuntimeException("Not implemented");
}
@@ -428,8 +426,8 @@ public class TesterHttpServletRequest implements HttpServletRequest {
}
@Override
- public <T extends HttpUpgradeHandler> T upgrade(
- Class<T> httpUpgradeHandlerClass) throws IOException, ServletException {
+ public <T extends HttpUpgradeHandler> T upgrade(Class<T> httpUpgradeHandlerClass)
+ throws IOException, ServletException {
throw new RuntimeException("Not implemented");
}
diff --git a/test/org/apache/catalina/filters/TesterHttpServletResponse.java b/test/org/apache/catalina/filters/TesterHttpServletResponse.java
index 90c0155181..a440da7837 100644
--- a/test/org/apache/catalina/filters/TesterHttpServletResponse.java
+++ b/test/org/apache/catalina/filters/TesterHttpServletResponse.java
@@ -102,143 +102,274 @@ public class TesterHttpServletResponse implements HttpServletResponse {
}
- public void setAppCommitted(
- @SuppressWarnings("unused") boolean appCommitted) {/* NOOP */}
- public boolean isAppCommitted() { return false; }
- public Connector getConnector() { return null; }
+ public void setAppCommitted(@SuppressWarnings("unused") boolean appCommitted) {
+ /* NOOP */}
+
+ public boolean isAppCommitted() {
+ return false;
+ }
+
+ public Connector getConnector() {
+ return null;
+ }
+
public void setConnector(@SuppressWarnings("unused") Connector connector) {
// NOOP
}
- public int getContentCount() { return -1; }
- public Context getContext() { return null; }
+
+ public int getContentCount() {
+ return -1;
+ }
+
+ public Context getContext() {
+ return null;
+ }
+
public void setContext(@SuppressWarnings("unused") Context context) {
// NOOP
}
- public boolean getIncluded() { return false; }
+
+ public boolean getIncluded() {
+ return false;
+ }
+
public void setIncluded(@SuppressWarnings("unused") boolean included) {
// NOOP
}
- public Request getRequest() { return null; }
+
+ public Request getRequest() {
+ return null;
+ }
+
public void setRequest(@SuppressWarnings("unused") Request request) {
// NOOP
}
- public ServletResponse getResponse() { return null; }
- public OutputStream getStream() { return null; }
+
+ public ServletResponse getResponse() {
+ return null;
+ }
+
+ public OutputStream getStream() {
+ return null;
+ }
+
public void setStream(@SuppressWarnings("unused") OutputStream stream) {
// NOOP
}
+
public void setSuspended(@SuppressWarnings("unused") boolean suspended) {
// NOOP
}
- public boolean isSuspended() { return false; }
- public void setError() {/* NOOP */}
- public boolean isError() { return false; }
+
+ public boolean isSuspended() {
+ return false;
+ }
+
+ public void setError() {
+ /* NOOP */}
+
+ public boolean isError() {
+ return false;
+ }
+
/**
* @return Always null
+ *
* @throws IOException Never happens
*/
public ServletOutputStream createOutputStream() throws IOException {
return null;
}
+
/**
* @throws IOException Never happens
*/
- public void finishResponse() throws IOException {/* NOOP */}
- public int getContentLength() { return -1; }
+ public void finishResponse() throws IOException {
+ /* NOOP */}
+
+ public int getContentLength() {
+ return -1;
+ }
+
@Override
- public String getContentType() { return null; }
- public PrintWriter getReporter() { return null; }
- public void recycle() {/* NOOP */}
+ public String getContentType() {
+ return null;
+ }
+
+ public PrintWriter getReporter() {
+ return null;
+ }
+
+ public void recycle() {
+ /* NOOP */}
+
/**
* @param b Unused
+ *
* @throws IOException Never happens
*/
public void write(int b) throws IOException {
// NOOP
}
+
/**
* @param b Unused
+ *
* @throws IOException Never happens
*/
public void write(byte b[]) throws IOException {
// NOOP
}
+
/**
* @param b Unused
* @param off Unused
* @param len Unused
+ *
* @throws IOException Never happens
*/
public void write(byte b[], int off, int len) throws IOException {
// NOOP
}
+
@Override
- public void flushBuffer() throws IOException {/* NOOP */}
+ public void flushBuffer() throws IOException {
+ /* NOOP */}
+
@Override
- public int getBufferSize() { return -1; }
+ public int getBufferSize() {
+ return -1;
+ }
+
@Override
- public String getCharacterEncoding() { return null; }
+ public String getCharacterEncoding() {
+ return null;
+ }
+
@Override
- public void setCharacterEncoding(String charEncoding) {/* NOOP */}
+ public void setCharacterEncoding(String charEncoding) {
+ /* NOOP */}
+
@Override
public ServletOutputStream getOutputStream() throws IOException {
return null;
}
+
@Override
- public Locale getLocale() { return null; }
+ public Locale getLocale() {
+ return null;
+ }
+
@Override
- public boolean isCommitted() { return false; }
+ public boolean isCommitted() {
+ return false;
+ }
+
@Override
- public void reset() {/* NOOP */}
+ public void reset() {
+ /* NOOP */}
+
@Override
- public void resetBuffer() {/* NOOP */}
+ public void resetBuffer() {
+ /* NOOP */}
+
@Override
- public void setBufferSize(int size) {/* NOOP */}
+ public void setBufferSize(int size) {
+ /* NOOP */}
+
@Override
- public void setContentLength(int length) {/* NOOP */}
+ public void setContentLength(int length) {
+ /* NOOP */}
+
@Override
- public void setContentType(String type) {/* NOOP */}
+ public void setContentType(String type) {
+ /* NOOP */}
+
@Override
- public void setLocale(Locale locale) {/* NOOP */}
+ public void setLocale(Locale locale) {
+ /* NOOP */}
+
@Override
- public Collection<String> getHeaderNames() { return null; }
+ public Collection<String> getHeaderNames() {
+ return null;
+ }
+
@Override
- public Collection<String> getHeaders(String name) { return Collections.emptyList(); }
- public String getMessage() { return null; }
- public void reset(@SuppressWarnings("unused") int status,
- @SuppressWarnings("unused") String message) {/* NOOP */}
+ public Collection<String> getHeaders(String name) {
+ return Collections.emptyList();
+ }
+
+ public String getMessage() {
+ return null;
+ }
+
+ public void reset(@SuppressWarnings("unused") int status, @SuppressWarnings("unused") String message) {
+ /* NOOP */}
+
@Override
- public void addCookie(Cookie cookie) {/* NOOP */}
+ public void addCookie(Cookie cookie) {
+ /* NOOP */}
+
@Override
- public void addDateHeader(String name, long value) {/* NOOP */}
+ public void addDateHeader(String name, long value) {
+ /* NOOP */}
+
@Override
- public void addIntHeader(String name, int value) {/* NOOP */}
+ public void addIntHeader(String name, int value) {
+ /* NOOP */}
+
@Override
- public boolean containsHeader(String name) { return false; }
+ public boolean containsHeader(String name) {
+ return false;
+ }
+
@Override
- public String encodeRedirectURL(String url) { return null; }
+ public String encodeRedirectURL(String url) {
+ return null;
+ }
+
@Override
- public String encodeURL(String url) { return null; }
+ public String encodeURL(String url) {
+ return null;
+ }
+
/**
* @throws IOException Never happens
*/
- public void sendAcknowledgement() throws IOException {/* NOOP */}
+ public void sendAcknowledgement() throws IOException {
+ /* NOOP */}
+
@Override
- public void sendError(int status) throws IOException {/* NOOP */}
+ public void sendError(int status) throws IOException {
+ /* NOOP */}
+
@Override
public void sendError(int status, String message) throws IOException {
// NOOP
}
+
@Override
- public void sendRedirect(String location) throws IOException {/* NOOP */}
+ public void sendRedirect(String location) throws IOException {
+ /* NOOP */}
+
@Override
- public void setDateHeader(String name, long value) {/* NOOP */}
+ public void setDateHeader(String name, long value) {
+ /* NOOP */}
+
@Override
- public void setIntHeader(String name, int value) {/* NOOP */}
+ public void setIntHeader(String name, int value) {
+ /* NOOP */}
+
@Override
- public void setContentLengthLong(long length) {/* NOOP */}
+ public void setContentLengthLong(long length) {
+ /* NOOP */}
+
@Override
- public void setTrailerFields(Supplier<Map<String, String>> supplier) { /* NOOP */ }
+ public void setTrailerFields(Supplier<Map<String, String>> supplier) {
+ /* NOOP */ }
+
@Override
- public Supplier<Map<String, String>> getTrailerFields() { return null; }
+ public Supplier<Map<String, String>> getTrailerFields() {
+ return null;
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[tomcat] 02/02: Code cleanup (format) - no functional change
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 63839291b4ad44a303593ba0ed13035d00b6e364
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Feb 15 15:01:06 2023 +0000
Code cleanup (format) - no functional change
---
test/org/apache/catalina/valves/Benchmarks.java | 78 ++---
.../apache/catalina/valves/TestAccessLogValve.java | 11 +-
.../valves/TestCrawlerSessionManagerValve.java | 13 +-
.../catalina/valves/TestErrorReportValve.java | 31 +-
.../valves/TestLoadBalancerDrainingValve.java | 79 +++--
.../apache/catalina/valves/TestRemoteIpValve.java | 99 +++---
.../catalina/valves/TestRequestFilterValve.java | 340 ++++++++++-----------
.../valves/TestStuckThreadDetectionValve.java | 21 +-
.../catalina/valves/TesterAccessLogValve.java | 9 +-
9 files changed, 326 insertions(+), 355 deletions(-)
diff --git a/test/org/apache/catalina/valves/Benchmarks.java b/test/org/apache/catalina/valves/Benchmarks.java
index 973df0b946..431c73bc0c 100644
--- a/test/org/apache/catalina/valves/Benchmarks.java
+++ b/test/org/apache/catalina/valves/Benchmarks.java
@@ -22,20 +22,17 @@ import java.util.Date;
import org.junit.Test;
/**
- * Some simple micro-benchmarks to help determine best approach for thread
- * safety in valves, particularly the {@link AccessLogValve}. Implemented as
- * JUnit tests to make the simple to execute but does not used Test* as the
- * class name to avoid being included in the automated unit tests.
+ * Some simple micro-benchmarks to help determine best approach for thread safety in valves, particularly the
+ * {@link AccessLogValve}. Implemented as JUnit tests to make the simple to execute but does not used Test* as the class
+ * name to avoid being included in the automated unit tests.
*/
public class Benchmarks {
@Test
public void testAccessLogGetDate() throws Exception {
// Is it better to use a sync or a thread local here?
BenchmarkTest benchmark = new BenchmarkTest();
- Runnable[] tests = new Runnable[] { new GetDateBenchmarkTest_Sync(),
- new GetDateBenchmarkTest_Local(),
- new GetDateBenchmarkTest_LocalMutableLong(),
- new GetDateBenchmarkTest_LocalStruct() };
+ Runnable[] tests = new Runnable[] { new GetDateBenchmarkTest_Sync(), new GetDateBenchmarkTest_Local(),
+ new GetDateBenchmarkTest_LocalMutableLong(), new GetDateBenchmarkTest_LocalStruct() };
benchmark.doTest(5, tests);
}
@@ -99,8 +96,7 @@ public class Benchmarks {
}
}
- private static class GetDateBenchmarkTest_LocalMutableLong implements
- Runnable {
+ private static class GetDateBenchmarkTest_LocalMutableLong implements Runnable {
@Override
public String toString() {
@@ -175,17 +171,15 @@ public class Benchmarks {
public void testAccessLogTimeDateElement() throws Exception {
// Is it better to use a sync or a thread local here?
BenchmarkTest benchmark = new BenchmarkTest();
- Runnable[] tests = new Runnable[] {
- new TimeDateElementBenchmarkTest_Sync(),
- new TimeDateElementBenchmarkTest_Local(),
- new TimeDateElementBenchmarkTest_LocalStruct(),
+ Runnable[] tests = new Runnable[] { new TimeDateElementBenchmarkTest_Sync(),
+ new TimeDateElementBenchmarkTest_Local(), new TimeDateElementBenchmarkTest_LocalStruct(),
new TimeDateElementBenchmarkTest_LocalStruct_SBuilder() };
benchmark.doTest(5, tests);
}
private abstract static class TimeDateElementBenchmarkTestBase {
- protected static final String months[] = { "Jan", "Feb", "Mar", "Apr",
- "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
+ protected static final String months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct",
+ "Nov", "Dec" };
protected String lookup(String month) {
int index;
@@ -198,8 +192,8 @@ public class Benchmarks {
}
}
- private static class TimeDateElementBenchmarkTest_Sync extends
- TimeDateElementBenchmarkTestBase implements Runnable {
+ private static class TimeDateElementBenchmarkTest_Sync extends TimeDateElementBenchmarkTestBase
+ implements Runnable {
@Override
public String toString() {
@@ -211,8 +205,7 @@ public class Benchmarks {
private SimpleDateFormat dayFormatter = new SimpleDateFormat("dd");
private SimpleDateFormat monthFormatter = new SimpleDateFormat("MM");
private SimpleDateFormat yearFormatter = new SimpleDateFormat("yyyy");
- private SimpleDateFormat timeFormatter = new SimpleDateFormat(
- "hh:mm:ss");
+ private SimpleDateFormat timeFormatter = new SimpleDateFormat("hh:mm:ss");
@Override
public void run() {
@@ -257,8 +250,8 @@ public class Benchmarks {
}
}
- private static class TimeDateElementBenchmarkTest_Local extends
- TimeDateElementBenchmarkTestBase implements Runnable {
+ private static class TimeDateElementBenchmarkTest_Local extends TimeDateElementBenchmarkTestBase
+ implements Runnable {
@Override
public String toString() {
@@ -308,17 +301,13 @@ public class Benchmarks {
if (currentDateStringLocal.get() == null) {
StringBuilder current = new StringBuilder(32);
current.append('[');
- current.append(dayFormatterLocal.get().format(
- currentDateLocal.get())); // Day
+ current.append(dayFormatterLocal.get().format(currentDateLocal.get())); // Day
current.append('/');
- current.append(lookup(monthFormatterLocal.get().format(
- currentDateLocal.get()))); // Month
+ current.append(lookup(monthFormatterLocal.get().format(currentDateLocal.get()))); // Month
current.append('/');
- current.append(yearFormatterLocal.get().format(
- currentDateLocal.get())); // Year
+ current.append(yearFormatterLocal.get().format(currentDateLocal.get())); // Year
current.append(':');
- current.append(timeFormatterLocal.get().format(
- currentDateLocal.get())); // Time
+ current.append(timeFormatterLocal.get().format(currentDateLocal.get())); // Time
current.append(']');
currentDateStringLocal.set(current.toString());
}
@@ -335,8 +324,8 @@ public class Benchmarks {
}
}
- private static class TimeDateElementBenchmarkTest_LocalStruct extends
- TimeDateElementBenchmarkTestBase implements Runnable {
+ private static class TimeDateElementBenchmarkTest_LocalStruct extends TimeDateElementBenchmarkTestBase
+ implements Runnable {
@Override
public String toString() {
@@ -349,8 +338,7 @@ public class Benchmarks {
public SimpleDateFormat dayFormatter = new SimpleDateFormat("dd");
public SimpleDateFormat monthFormatter = new SimpleDateFormat("MM");
public SimpleDateFormat yearFormatter = new SimpleDateFormat("yyyy");
- public SimpleDateFormat timeFormatter = new SimpleDateFormat(
- "hh:mm:ss");
+ public SimpleDateFormat timeFormatter = new SimpleDateFormat("hh:mm:ss");
}
private ThreadLocal<Struct> structLocal = new ThreadLocal<>() {
@@ -373,8 +361,7 @@ public class Benchmarks {
current.append('[');
current.append(struct.dayFormatter.format(struct.currentDate)); // Day
current.append('/');
- current.append(lookup(struct.monthFormatter
- .format(struct.currentDate))); // Month
+ current.append(lookup(struct.monthFormatter.format(struct.currentDate))); // Month
current.append('/');
current.append(struct.yearFormatter.format(struct.currentDate)); // Year
current.append(':');
@@ -396,8 +383,8 @@ public class Benchmarks {
}
}
- private static class TimeDateElementBenchmarkTest_LocalStruct_SBuilder extends
- TimeDateElementBenchmarkTestBase implements Runnable {
+ private static class TimeDateElementBenchmarkTest_LocalStruct_SBuilder extends TimeDateElementBenchmarkTestBase
+ implements Runnable {
@Override
public String toString() {
@@ -410,8 +397,7 @@ public class Benchmarks {
public SimpleDateFormat dayFormatter = new SimpleDateFormat("dd");
public SimpleDateFormat monthFormatter = new SimpleDateFormat("MM");
public SimpleDateFormat yearFormatter = new SimpleDateFormat("yyyy");
- public SimpleDateFormat timeFormatter = new SimpleDateFormat(
- "hh:mm:ss");
+ public SimpleDateFormat timeFormatter = new SimpleDateFormat("hh:mm:ss");
}
private ThreadLocal<Struct> structLocal = new ThreadLocal<>() {
@@ -434,8 +420,7 @@ public class Benchmarks {
current.append('[');
current.append(struct.dayFormatter.format(struct.currentDate)); // Day
current.append('/');
- current.append(lookup(struct.monthFormatter
- .format(struct.currentDate))); // Month
+ current.append(lookup(struct.monthFormatter.format(struct.currentDate))); // Month
current.append('/');
current.append(struct.yearFormatter.format(struct.currentDate)); // Year
current.append(':');
@@ -466,8 +451,7 @@ public class Benchmarks {
}
}
- private void doTestInternal(int threadCount, int iterations,
- Runnable test) throws Exception {
+ private void doTestInternal(int threadCount, int iterations, Runnable test) throws Exception {
long start = System.currentTimeMillis();
Thread[] threads = new Thread[threadCount];
for (int i = 0; i < threadCount; i++) {
@@ -481,10 +465,8 @@ public class Benchmarks {
}
long end = System.currentTimeMillis();
- System.out.println(test.getClass().getSimpleName() + ": "
- + threadCount + " threads and " + iterations
- + " iterations using " + test + " took " + (end - start)
- + "ms");
+ System.out.println(test.getClass().getSimpleName() + ": " + threadCount + " threads and " + iterations +
+ " iterations using " + test + " took " + (end - start) + "ms");
}
}
diff --git a/test/org/apache/catalina/valves/TestAccessLogValve.java b/test/org/apache/catalina/valves/TestAccessLogValve.java
index 0fdfea44ba..d4b76e43f0 100644
--- a/test/org/apache/catalina/valves/TestAccessLogValve.java
+++ b/test/org/apache/catalina/valves/TestAccessLogValve.java
@@ -33,13 +33,10 @@ public class TestAccessLogValve {
final int cacheSize = 10;
- SimpleDateFormat sdf =
- new SimpleDateFormat("[dd/MMM/yyyy:HH:mm:ss Z]", Locale.US);
+ SimpleDateFormat sdf = new SimpleDateFormat("[dd/MMM/yyyy:HH:mm:ss Z]", Locale.US);
sdf.setTimeZone(TimeZone.getDefault());
- AccessLogValve.DateFormatCache dfc =
- new AccessLogValve.DateFormatCache(
- cacheSize, Locale.US, null);
+ AccessLogValve.DateFormatCache dfc = new AccessLogValve.DateFormatCache(cacheSize, Locale.US, null);
// Create an array to hold the expected values
String[] expected = new String[cacheSize];
@@ -58,13 +55,13 @@ public class TestAccessLogValve {
Assert.assertArrayEquals(expected, dfc.cLFCache.cache);
// Jump 2 ahead and then confirm (skipped value should be null)
- dfc.getFormat((cacheSize + 2)* 1000);
+ dfc.getFormat((cacheSize + 2) * 1000);
expected[1] = null;
expected[2] = generateExpected(sdf, cacheSize + 2);
Assert.assertArrayEquals(expected, dfc.cLFCache.cache);
// Back 1 to fill in the gap
- dfc.getFormat((cacheSize + 1)* 1000);
+ dfc.getFormat((cacheSize + 1) * 1000);
expected[1] = generateExpected(sdf, cacheSize + 1);
Assert.assertArrayEquals(expected, dfc.cLFCache.cache);
diff --git a/test/org/apache/catalina/valves/TestCrawlerSessionManagerValve.java b/test/org/apache/catalina/valves/TestCrawlerSessionManagerValve.java
index 9e53c4e35b..9c535ca416 100644
--- a/test/org/apache/catalina/valves/TestCrawlerSessionManagerValve.java
+++ b/test/org/apache/catalina/valves/TestCrawlerSessionManagerValve.java
@@ -52,7 +52,6 @@ public class TestCrawlerSessionManagerValve {
}
-
@Test
public void testCrawlerIpsPositive() throws Exception {
CrawlerSessionManagerValve valve = new CrawlerSessionManagerValve();
@@ -152,7 +151,8 @@ public class TestCrawlerSessionManagerValve {
private void verifyCrawlingContext(CrawlerSessionManagerValve valve, String contextPath)
throws IOException, ServletException {
HttpSession session = createSessionExpectations(valve, true);
- Request request = createRequestExpectations("127.0.0.1", session, true, "localhost", contextPath, "tomcatBot 1.0");
+ Request request = createRequestExpectations("127.0.0.1", session, true, "localhost", contextPath,
+ "tomcatBot 1.0");
EasyMock.replay(request, session);
@@ -166,7 +166,8 @@ public class TestCrawlerSessionManagerValve {
HttpSession session = EasyMock.createMock(HttpSession.class);
if (isBot) {
EasyMock.expect(session.getId()).andReturn("id").times(2);
- session.setAttribute(EasyMock.eq(valve.getClass().getName()), EasyMock.anyObject(HttpSessionBindingListener.class));
+ session.setAttribute(EasyMock.eq(valve.getClass().getName()),
+ EasyMock.anyObject(HttpSessionBindingListener.class));
EasyMock.expectLastCall();
session.setMaxInactiveInterval(60);
EasyMock.expectLastCall();
@@ -185,12 +186,12 @@ public class TestCrawlerSessionManagerValve {
EasyMock.expect(request.getRemoteAddr()).andReturn(ip);
EasyMock.expect(request.getHost()).andReturn(simpleHostWithName(hostname));
EasyMock.expect(request.getContext()).andReturn(simpleContextWithName(contextPath));
- IExpectationSetters<HttpSession> setter = EasyMock.expect(request.getSession(false))
- .andReturn(null);
+ IExpectationSetters<HttpSession> setter = EasyMock.expect(request.getSession(false)).andReturn(null);
if (isBot) {
setter.andReturn(session);
}
- EasyMock.expect(request.getHeaders("user-agent")).andAnswer(() -> Collections.enumeration(Arrays.asList(userAgent)));
+ EasyMock.expect(request.getHeaders("user-agent"))
+ .andAnswer(() -> Collections.enumeration(Arrays.asList(userAgent)));
return request;
}
diff --git a/test/org/apache/catalina/valves/TestErrorReportValve.java b/test/org/apache/catalina/valves/TestErrorReportValve.java
index 979d57a4da..762159dbf0 100644
--- a/test/org/apache/catalina/valves/TestErrorReportValve.java
+++ b/test/org/apache/catalina/valves/TestErrorReportValve.java
@@ -58,8 +58,8 @@ public class TestErrorReportValve extends TomcatBaseTest {
ByteChunk res = new ByteChunk();
res.setCharset(StandardCharsets.UTF_8);
getUrl("http://localhost:" + getPort(), res, null);
- Assert.assertTrue(res.toString().contains("<p><b>" + sm.getString("errorReportValve.message") + "</b> " +
- ErrorServlet.ERROR_TEXT + "</p>"));
+ Assert.assertTrue(res.toString().contains(
+ "<p><b>" + sm.getString("errorReportValve.message") + "</b> " + ErrorServlet.ERROR_TEXT + "</p>"));
}
@@ -67,11 +67,10 @@ public class TestErrorReportValve extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
private static final String ERROR_TEXT = "The wheels fell off.";
+
@Override
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
- req.setAttribute(RequestDispatcher.ERROR_EXCEPTION,
- new Throwable(ERROR_TEXT));
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+ req.setAttribute(RequestDispatcher.ERROR_EXCEPTION, new Throwable(ERROR_TEXT));
resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}
@@ -128,8 +127,7 @@ public class TestErrorReportValve extends TomcatBaseTest {
}
@Override
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
if (setNotFound) {
resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
@@ -170,8 +168,7 @@ public class TestErrorReportValve extends TomcatBaseTest {
private static final String ERROR_MESSAGE = "The sky is falling";
@Override
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
resp.sendError(ERROR_STATUS, ERROR_MESSAGE);
}
}
@@ -185,8 +182,7 @@ public class TestErrorReportValve extends TomcatBaseTest {
Context ctx = tomcat.addContext("", null);
Bug56042Servlet bug56042Servlet = new Bug56042Servlet();
- Wrapper wrapper =
- Tomcat.addServlet(ctx, "bug56042Servlet", bug56042Servlet);
+ Wrapper wrapper = Tomcat.addServlet(ctx, "bug56042Servlet", bug56042Servlet);
wrapper.setAsyncSupported(true);
ctx.addServletMappingDecoded("/bug56042Servlet", "bug56042Servlet");
@@ -208,8 +204,7 @@ public class TestErrorReportValve extends TomcatBaseTest {
private static final long serialVersionUID = 1L;
@Override
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// Only set the status on the first call (the dispatch will trigger
// another call to this Servlet)
if (resp.getStatus() != HttpServletResponse.SC_BAD_REQUEST) {
@@ -223,9 +218,9 @@ public class TestErrorReportValve extends TomcatBaseTest {
private static final class ExceptionServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
+
@Override
- public void service(ServletRequest request, ServletResponse response)
- throws IOException {
+ public void service(ServletRequest request, ServletResponse response) throws IOException {
throw new RuntimeException();
}
}
@@ -234,9 +229,9 @@ public class TestErrorReportValve extends TomcatBaseTest {
private static final class ErrorPageServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
+
@Override
- public void service(ServletRequest request, ServletResponse response)
- throws IOException {
+ public void service(ServletRequest request, ServletResponse response) throws IOException {
response.getWriter().print("OK");
}
}
diff --git a/test/org/apache/catalina/valves/TestLoadBalancerDrainingValve.java b/test/org/apache/catalina/valves/TestLoadBalancerDrainingValve.java
index 8ef57816ff..b2b1fa0683 100644
--- a/test/org/apache/catalina/valves/TestLoadBalancerDrainingValve.java
+++ b/test/org/apache/catalina/valves/TestLoadBalancerDrainingValve.java
@@ -53,22 +53,22 @@ public class TestLoadBalancerDrainingValve {
String[] queryStrings = new String[] { null, "foo=bar" };
List<Object[]> parameterSets = new ArrayList<>();
- for (String jkActivation : jkActivations) {
- for (Boolean validSessionId : booleans) {
- for (Boolean enableIgnore : booleans) {
- Boolean expectInvokeNext = Boolean.valueOf("ACT".equals(jkActivation) || enableIgnore.booleanValue() ||
- validSessionId.booleanValue());
- for (String queryString : queryStrings) {
- for (Boolean secureRequest : booleans) {
- for (Boolean secureSessionConfig : booleans) {
- parameterSets.add(new Object[] { jkActivation, validSessionId, expectInvokeNext,
- enableIgnore, queryString, secureRequest, secureSessionConfig});
- }
+ for (String jkActivation : jkActivations) {
+ for (Boolean validSessionId : booleans) {
+ for (Boolean enableIgnore : booleans) {
+ Boolean expectInvokeNext = Boolean.valueOf(
+ "ACT".equals(jkActivation) || enableIgnore.booleanValue() || validSessionId.booleanValue());
+ for (String queryString : queryStrings) {
+ for (Boolean secureRequest : booleans) {
+ for (Boolean secureSessionConfig : booleans) {
+ parameterSets.add(new Object[] { jkActivation, validSessionId, expectInvokeNext,
+ enableIgnore, queryString, secureRequest, secureSessionConfig });
}
}
}
}
}
+ }
return parameterSets;
}
@@ -117,19 +117,22 @@ public class TestLoadBalancerDrainingValve {
EasyMock.expect(ctx.getName()).andStubReturn("");
EasyMock.expect(ctx.getPipeline()).andStubReturn(new StandardPipeline());
EasyMock.expect(ctx.getDomain()).andStubReturn("foo");
- EasyMock.expect(ctx.getLogger()).andStubReturn(org.apache.juli.logging.LogFactory.getLog(LoadBalancerDrainingValve.class));
+ EasyMock.expect(ctx.getLogger())
+ .andStubReturn(org.apache.juli.logging.LogFactory.getLog(LoadBalancerDrainingValve.class));
EasyMock.expect(ctx.getServletContext()).andStubReturn(servletContext);
// Set up the actual test
- EasyMock.expect(request.getAttribute(LoadBalancerDrainingValve.ATTRIBUTE_KEY_JK_LB_ACTIVATION)).andStubReturn(jkActivation);
- EasyMock.expect(Boolean.valueOf(request.isRequestedSessionIdValid())).andStubReturn(Boolean.valueOf(validSessionId));
+ EasyMock.expect(request.getAttribute(LoadBalancerDrainingValve.ATTRIBUTE_KEY_JK_LB_ACTIVATION))
+ .andStubReturn(jkActivation);
+ EasyMock.expect(Boolean.valueOf(request.isRequestedSessionIdValid()))
+ .andStubReturn(Boolean.valueOf(validSessionId));
ArrayList<Cookie> cookies = new ArrayList<>();
- if(enableIgnore) {
+ if (enableIgnore) {
cookies.add(new Cookie("ignore", "true"));
}
- if(!validSessionId && jkActivation.equals("DIS")) {
+ if (!validSessionId && jkActivation.equals("DIS")) {
MyCookie cookie = new MyCookie(cookieConfig.getName(), sessionId);
cookie.setPath(cookieConfig.getPath());
cookie.setValue(sessionId);
@@ -146,7 +149,8 @@ public class TestLoadBalancerDrainingValve {
EasyMock.expect(ctx.getSessionCookiePath()).andStubReturn("/");
if (!enableIgnore) {
- EasyMock.expect(Boolean.valueOf(ctx.getSessionCookiePathUsesTrailingSlash())).andStubReturn(Boolean.TRUE);
+ EasyMock.expect(Boolean.valueOf(ctx.getSessionCookiePathUsesTrailingSlash()))
+ .andStubReturn(Boolean.TRUE);
EasyMock.expect(request.getQueryString()).andStubReturn(queryString);
// Response will have cookie deleted
MyCookie expectedCookie = new MyCookie(cookieConfig.getName(), "");
@@ -159,8 +163,8 @@ public class TestLoadBalancerDrainingValve {
response.addCookie(expectedCookie);
EasyMock.expect(ctx.getSessionCookieName()).andReturn(sessionCookieName); // Indirect call
String expectedRequestURI = requestURI;
- if(null != queryString) {
- expectedRequestURI = expectedRequestURI + '?' + queryString;
+ if (null != queryString) {
+ expectedRequestURI = expectedRequestURI + '?' + queryString;
}
response.setHeader("Location", expectedRequestURI);
response.setStatus(307);
@@ -169,7 +173,7 @@ public class TestLoadBalancerDrainingValve {
Valve next = control.createMock(Valve.class);
- if(expectInvokeNext) {
+ if (expectInvokeNext) {
// Expect the "next" Valve to fire
// Next 2 lines are basically EasyMock.expect(next.invoke(req,res)) but for a void method
next.invoke(request, response);
@@ -196,40 +200,48 @@ public class TestLoadBalancerDrainingValve {
private String name;
- private final Map<String,String> attributes = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+ private final Map<String, String> attributes = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
@Override
public String getName() {
return name;
}
+
@Override
public void setName(String name) {
this.name = name;
}
+
@Override
public String getDomain() {
return attributes.get(Constants.COOKIE_DOMAIN_ATTR);
}
+
@Override
public void setDomain(String domain) {
attributes.put(Constants.COOKIE_DOMAIN_ATTR, domain);
}
+
@Override
public String getPath() {
return attributes.get(Constants.COOKIE_PATH_ATTR);
}
+
@Override
public void setPath(String path) {
attributes.put(Constants.COOKIE_PATH_ATTR, path);
}
+
@Override
public String getComment() {
return null;
}
+
@Override
public void setComment(String comment) {
// NO-OP
}
+
@Override
public boolean isHttpOnly() {
String httpOnly = getAttribute(Constants.COOKIE_HTTP_ONLY_ATTR);
@@ -238,10 +250,12 @@ public class TestLoadBalancerDrainingValve {
}
return Boolean.parseBoolean(httpOnly);
}
+
@Override
public void setHttpOnly(boolean httpOnly) {
setAttribute(Constants.COOKIE_HTTP_ONLY_ATTR, Boolean.toString(httpOnly));
}
+
@Override
public boolean isSecure() {
String secure = getAttribute(Constants.COOKIE_SECURE_ATTR);
@@ -250,10 +264,12 @@ public class TestLoadBalancerDrainingValve {
}
return Boolean.parseBoolean(secure);
}
+
@Override
public void setSecure(boolean secure) {
setAttribute(Constants.COOKIE_SECURE_ATTR, Boolean.toString(secure));
}
+
@Override
public int getMaxAge() {
String maxAge = getAttribute(Constants.COOKIE_MAX_AGE_ATTR);
@@ -262,18 +278,22 @@ public class TestLoadBalancerDrainingValve {
}
return Integer.parseInt(maxAge);
}
+
@Override
public void setMaxAge(int maxAge) {
setAttribute(Constants.COOKIE_MAX_AGE_ATTR, Integer.toString(maxAge));
}
+
@Override
public void setAttribute(String name, String value) {
attributes.put(name, value);
}
+
@Override
public String getAttribute(String name) {
return attributes.get(name);
}
+
@Override
public Map<String, String> getAttributes() {
return Collections.unmodifiableMap(attributes);
@@ -285,19 +305,19 @@ public class TestLoadBalancerDrainingValve {
private static class MyCookie extends Cookie {
private static final long serialVersionUID = 1L;
- MyCookie(String name, String value) { super(name, value); }
+ MyCookie(String name, String value) {
+ super(name, value);
+ }
@Override
public boolean equals(Object o) {
- if(!(o instanceof MyCookie)) {
+ if (!(o instanceof MyCookie)) {
return false;
}
- MyCookie mc = (MyCookie)o;
- return mc.getName().equals(this.getName())
- && mc.getPath().equals(this.getPath())
- && mc.getValue().equals(this.getValue())
- && mc.getMaxAge() == this.getMaxAge();
+ MyCookie mc = (MyCookie) o;
+ return mc.getName().equals(this.getName()) && mc.getPath().equals(this.getPath()) &&
+ mc.getValue().equals(this.getValue()) && mc.getMaxAge() == this.getMaxAge();
}
@Override
@@ -314,7 +334,8 @@ public class TestLoadBalancerDrainingValve {
@Override
public String toString() {
- return "Cookie { name=" + getName() + ", value=" + getValue() + ", path=" + getPath() + ", maxAge=" + getMaxAge() + " }";
+ return "Cookie { name=" + getName() + ", value=" + getValue() + ", path=" + getPath() + ", maxAge=" +
+ getMaxAge() + " }";
}
}
}
diff --git a/test/org/apache/catalina/valves/TestRemoteIpValve.java b/test/org/apache/catalina/valves/TestRemoteIpValve.java
index ec225d7ac8..054dfe6fa8 100644
--- a/test/org/apache/catalina/valves/TestRemoteIpValve.java
+++ b/test/org/apache/catalina/valves/TestRemoteIpValve.java
@@ -166,7 +166,8 @@ public class TestRemoteIpValve {
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
- request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2");
+ request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
+ .setString("140.211.11.130, proxy1, proxy2");
// TEST
remoteIpValve.invoke(request, null);
@@ -176,7 +177,8 @@ public class TestRemoteIpValve {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2",
+ actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -207,7 +209,8 @@ public class TestRemoteIpValve {
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("proxy3");
request.setRemoteHost("remote-host-original-value");
- request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2");
+ request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
+ .setString("140.211.11.130, proxy1, proxy2");
// TEST
remoteIpValve.invoke(request, null);
@@ -217,7 +220,8 @@ public class TestRemoteIpValve {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2,proxy3", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2,proxy3",
+ actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -247,7 +251,8 @@ public class TestRemoteIpValve {
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("proxy3");
request.setRemoteHost("remote-host-original-value");
- request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2");
+ request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
+ .setString("140.211.11.130, proxy1, proxy2");
// TEST
remoteIpValve.invoke(request, null);
@@ -257,7 +262,8 @@ public class TestRemoteIpValve {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2,proxy3", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2,proxy3",
+ actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -289,7 +295,7 @@ public class TestRemoteIpValve {
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
- .setString("140.211.11.130, proxy1, proxy2, 192.168.0.10, 192.168.0.11");
+ .setString("140.211.11.130, proxy1, proxy2, 192.168.0.10, 192.168.0.11");
// TEST
remoteIpValve.invoke(request, null);
@@ -299,7 +305,8 @@ public class TestRemoteIpValve {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2",
+ actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -330,7 +337,8 @@ public class TestRemoteIpValve {
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
- request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, 192.168.0.10, 192.168.0.11");
+ request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
+ .setString("140.211.11.130, 192.168.0.10, 192.168.0.11");
// TEST
remoteIpValve.invoke(request, null);
@@ -383,7 +391,8 @@ public class TestRemoteIpValve {
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
- Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2", actualXForwardedBy);
+ Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2",
+ actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
@@ -403,7 +412,8 @@ public class TestRemoteIpValve {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
- remoteIpValve.setInternalProxies("172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}|172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}|172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}");
+ remoteIpValve.setInternalProxies(
+ "172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}|172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}|172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}");
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProtocolHeader("x-forwarded-proto");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
@@ -439,7 +449,7 @@ public class TestRemoteIpValve {
Assert.assertTrue("request from internal proxy should be marked secure", isSecure);
String scheme = remoteAddrAndHostTrackerValve.getScheme();
- Assert.assertEquals("Scheme should be marked to https.","https",scheme);
+ Assert.assertEquals("Scheme should be marked to https.", "https", scheme);
request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
@@ -471,7 +481,7 @@ public class TestRemoteIpValve {
Assert.assertTrue("request from internal proxy should be marked secure", isSecure);
scheme = remoteAddrAndHostTrackerValve.getScheme();
- Assert.assertEquals("Scheme should be marked to https.","https",scheme);
+ Assert.assertEquals("Scheme should be marked to https.", "https", scheme);
}
@@ -678,17 +688,20 @@ public class TestRemoteIpValve {
}
@Test
- public void testInvokeXforwardedProtoSaysMultipleForwardsWithFirstBeingHttpForIncomingHttpsRequest() throws Exception {
+ public void testInvokeXforwardedProtoSaysMultipleForwardsWithFirstBeingHttpForIncomingHttpsRequest()
+ throws Exception {
performXForwardedProtoWithMultipleForwardsTest("http,https", true, false);
}
@Test
- public void testInvokeXforwardedProtoSaysMultipleForwardsWithLastBeingHttpForIncomingHttpRequest() throws Exception {
+ public void testInvokeXforwardedProtoSaysMultipleForwardsWithLastBeingHttpForIncomingHttpRequest()
+ throws Exception {
performXForwardedProtoWithMultipleForwardsTest("https,http", false, false);
}
@Test
- public void testInvokeXforwardedProtoSaysMultipleForwardsWithMiddleBeingHttpForIncomingHttpsRequest() throws Exception {
+ public void testInvokeXforwardedProtoSaysMultipleForwardsWithMiddleBeingHttpForIncomingHttpsRequest()
+ throws Exception {
performXForwardedProtoWithMultipleForwardsTest("https,http,https", true, false);
}
@@ -702,8 +715,8 @@ public class TestRemoteIpValve {
performXForwardedProtoWithMultipleForwardsTest(",", false, false);
}
- private void performXForwardedProtoWithMultipleForwardsTest(String incomingHeaderValue,
- boolean arrivesAsSecure, boolean shouldBeSecure) throws Exception {
+ private void performXForwardedProtoWithMultipleForwardsTest(String incomingHeaderValue, boolean arrivesAsSecure,
+ boolean shouldBeSecure) throws Exception {
// PREPARE
String incomingScheme = arrivesAsSecure ? "https" : "http";
@@ -759,12 +772,12 @@ public class TestRemoteIpValve {
Assert.assertEquals("x-forwarded-proto says " + expectedScheme, expectedServerPort, actualServerPort);
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
- Assert.assertEquals("x-forwarded-proto says " + expectedScheme,
- Boolean.valueOf(shouldBeSecure), Boolean.valueOf(actualSecure));
+ Assert.assertEquals("x-forwarded-proto says " + expectedScheme, Boolean.valueOf(shouldBeSecure),
+ Boolean.valueOf(actualSecure));
boolean actualPostInvokeSecure = request.isSecure();
- Assert.assertEquals("postInvoke secure",
- Boolean.valueOf(arrivesAsSecure), Boolean.valueOf(actualPostInvokeSecure));
+ Assert.assertEquals("postInvoke secure", Boolean.valueOf(arrivesAsSecure),
+ Boolean.valueOf(actualPostInvokeSecure));
int actualPostInvokeServerPort = request.getServerPort();
Assert.assertEquals("postInvoke serverPort", incomingServerPort, actualPostInvokeServerPort);
@@ -965,7 +978,8 @@ public class TestRemoteIpValve {
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("not-allowed-internal-proxy");
request.setRemoteHost("not-allowed-internal-proxy-host");
- request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2");
+ request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
+ .setString("140.211.11.130, proxy1, proxy2");
// TEST
remoteIpValve.invoke(request, null);
@@ -1006,17 +1020,19 @@ public class TestRemoteIpValve {
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
- .setString("140.211.11.130, proxy1, untrusted-proxy, proxy2");
+ .setString("140.211.11.130, proxy1, untrusted-proxy, proxy2");
// TEST
remoteIpValve.invoke(request, null);
// VERIFY
String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor();
- Assert.assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130,proxy1", actualXForwardedFor);
+ Assert.assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130,proxy1",
+ actualXForwardedFor);
String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
- Assert.assertEquals("ip/host after untrusted-proxy must appear in x-forwarded-by", "proxy2", actualXForwardedBy);
+ Assert.assertEquals("ip/host after untrusted-proxy must appear in x-forwarded-by", "proxy2",
+ actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "untrusted-proxy", actualRemoteAddr);
@@ -1034,18 +1050,14 @@ public class TestRemoteIpValve {
@Test
public void testCommaDelimitedListToStringArray() {
String[] actual = RemoteIpValve.commaDelimitedListToStringArray("element1, element2, element3");
- String[] expected = new String[] {
- "element1", "element2", "element3"
- };
+ String[] expected = new String[] { "element1", "element2", "element3" };
assertArrayEquals(expected, actual);
}
@Test
public void testCommaDelimitedListToStringArrayMixedSpaceChars() {
String[] actual = RemoteIpValve.commaDelimitedListToStringArray("element1 , element2,\t element3");
- String[] expected = new String[] {
- "element1", "element2", "element3"
- };
+ String[] expected = new String[] { "element1", "element2", "element3" };
assertArrayEquals(expected, actual);
}
@@ -1073,16 +1085,13 @@ public class TestRemoteIpValve {
remoteIpValve.invoke(request, null);
// VERIFY
- Assert.assertEquals("org.apache.catalina.AccessLog.ServerPort",
- Integer.valueOf(8080),
+ Assert.assertEquals("org.apache.catalina.AccessLog.ServerPort", Integer.valueOf(8080),
request.getAttribute(AccessLog.SERVER_PORT_ATTRIBUTE));
- Assert.assertEquals("org.apache.catalina.AccessLog.RemoteAddr",
- "140.211.11.130",
+ Assert.assertEquals("org.apache.catalina.AccessLog.RemoteAddr", "140.211.11.130",
request.getAttribute(AccessLog.REMOTE_ADDR_ATTRIBUTE));
- Assert.assertEquals("org.apache.catalina.AccessLog.RemoteHost",
- "140.211.11.130",
+ Assert.assertEquals("org.apache.catalina.AccessLog.RemoteHost", "140.211.11.130",
request.getAttribute(AccessLog.REMOTE_HOST_ATTRIBUTE));
}
@@ -1110,8 +1119,7 @@ public class TestRemoteIpValve {
remoteIpValve.invoke(request, null);
// VERIFY
- Assert.assertEquals("org.apache.tomcat.request.forwarded",
- Boolean.TRUE,
+ Assert.assertEquals("org.apache.tomcat.request.forwarded", Boolean.TRUE,
request.getAttribute(Globals.REQUEST_FORWARDED_ATTRIBUTE));
}
@@ -1139,15 +1147,15 @@ public class TestRemoteIpValve {
// VERIFY
Assert.assertEquals("140.211.11.130:1234", remoteAddrAndHostTrackerValve.getRemoteAddr());
- }
+ }
@Test
public void testRequestForwardedForWithProxyPortNumber() throws Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
- //remoteIpValve.setRemoteIpHeader("x-forwarded-for");
- //remoteIpValve.setProtocolHeader("x-forwarded-proto");
+ // remoteIpValve.setRemoteIpHeader("x-forwarded-for");
+ // remoteIpValve.setProtocolHeader("x-forwarded-proto");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
@@ -1158,7 +1166,8 @@ public class TestRemoteIpValve {
request.setRemoteHost("192.168.0.10");
// Trust c.d
remoteIpValve.setTrustedProxies("foo\\.bar:123");
- request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130:1234, foo.bar:123");
+ request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
+ .setString("140.211.11.130:1234, foo.bar:123");
// protocol
request.setServerPort(8080);
request.getCoyoteRequest().scheme().setString("http");
@@ -1169,7 +1178,7 @@ public class TestRemoteIpValve {
// VERIFY
Assert.assertEquals("140.211.11.130:1234", remoteAddrAndHostTrackerValve.getRemoteAddr());
- }
+ }
private void assertArrayEquals(String[] expected, String[] actual) {
if (expected == null) {
diff --git a/test/org/apache/catalina/valves/TestRequestFilterValve.java b/test/org/apache/catalina/valves/TestRequestFilterValve.java
index f4b1c3738b..2deb7db5a4 100644
--- a/test/org/apache/catalina/valves/TestRequestFilterValve.java
+++ b/test/org/apache/catalina/valves/TestRequestFilterValve.java
@@ -34,41 +34,41 @@ import org.apache.catalina.core.StandardContext;
*/
public class TestRequestFilterValve {
- private static final int OK = 200;
+ private static final int OK = 200;
private static final int FORBIDDEN = 403;
- private static final int CUSTOM = 499;
+ private static final int CUSTOM = 499;
- private static final String ADDR_ALLOW_PAT = "127\\.\\d*\\.\\d*\\.\\d*";
- private static final String ADDR_DENY_PAT = "\\d*\\.\\d*\\.\\d*\\.1";
- private static final String ADDR_ONLY_ALLOW = "127.0.0.2";
- private static final String ADDR_ONLY_DENY = "192.168.0.1";
- private static final String ADDR_ALLOW_AND_DENY = "127.0.0.1";
+ private static final String ADDR_ALLOW_PAT = "127\\.\\d*\\.\\d*\\.\\d*";
+ private static final String ADDR_DENY_PAT = "\\d*\\.\\d*\\.\\d*\\.1";
+ private static final String ADDR_ONLY_ALLOW = "127.0.0.2";
+ private static final String ADDR_ONLY_DENY = "192.168.0.1";
+ private static final String ADDR_ALLOW_AND_DENY = "127.0.0.1";
private static final String ADDR_NO_ALLOW_NO_DENY = "192.168.0.2";
- private static final String HOST_ALLOW_PAT = "www\\.example\\.[a-zA-Z0-9-]*";
- private static final String HOST_DENY_PAT = ".*\\.org";
- private static final String HOST_ONLY_ALLOW = "www.example.com";
- private static final String HOST_ONLY_DENY = "host.example.org";
- private static final String HOST_ALLOW_AND_DENY = "www.example.org";
+ private static final String HOST_ALLOW_PAT = "www\\.example\\.[a-zA-Z0-9-]*";
+ private static final String HOST_DENY_PAT = ".*\\.org";
+ private static final String HOST_ONLY_ALLOW = "www.example.com";
+ private static final String HOST_ONLY_DENY = "host.example.org";
+ private static final String HOST_ALLOW_AND_DENY = "www.example.org";
private static final String HOST_NO_ALLOW_NO_DENY = "host.example.com";
- private static final String CIDR_ALLOW_PROP = "127.0.0.0/16";
- private static final String CIDR_DENY_PROP = "192.168.0.0/24,127.0.0.0/24";
- private static final String CIDR_ONLY_ALLOW = "127.0.1.1";
- private static final String CIDR_ONLY_DENY = "192.168.0.1";
- private static final String CIDR_ALLOW_AND_DENY = "127.0.0.1";
+ private static final String CIDR_ALLOW_PROP = "127.0.0.0/16";
+ private static final String CIDR_DENY_PROP = "192.168.0.0/24,127.0.0.0/24";
+ private static final String CIDR_ONLY_ALLOW = "127.0.1.1";
+ private static final String CIDR_ONLY_DENY = "192.168.0.1";
+ private static final String CIDR_ALLOW_AND_DENY = "127.0.0.1";
private static final String CIDR_NO_ALLOW_NO_DENY = "192.168.1.1";
- private static final String CIDR6_ALLOW_PROP = "::/96";
- private static final String CIDR6_DENY_PROP = "::f:0:0/112,::/112";
- private static final String CIDR6_ONLY_ALLOW = "0:0:0:0:0:0:148f:1";
- private static final String CIDR6_ONLY_DENY = "0:0:0:0:0:F:0:a";
- private static final String CIDR6_ALLOW_AND_DENY = "0:0:0:0:0:0:0:fA8";
+ private static final String CIDR6_ALLOW_PROP = "::/96";
+ private static final String CIDR6_DENY_PROP = "::f:0:0/112,::/112";
+ private static final String CIDR6_ONLY_ALLOW = "0:0:0:0:0:0:148f:1";
+ private static final String CIDR6_ONLY_DENY = "0:0:0:0:0:F:0:a";
+ private static final String CIDR6_ALLOW_AND_DENY = "0:0:0:0:0:0:0:fA8";
private static final String CIDR6_NO_ALLOW_NO_DENY = "1:0:0:0:0:0:0:1";
private static final int PORT = 8080;
private static final String ADDR_OTHER = "1.2.3.4";
- private static final String PORT_MATCH_PATTERN = ";\\d*";
+ private static final String PORT_MATCH_PATTERN = ";\\d*";
private static final String PORT_NO_MATCH_PATTERN = ";8081";
@@ -92,22 +92,16 @@ public class TestRequestFilterValve {
}
}
- private void twoTests(String allow, String deny, boolean denyStatus,
- boolean addConnectorPort,
- boolean auth, String property, String type,
- boolean allowed) {
- oneTest(allow, deny, denyStatus, addConnectorPort, false,
- auth, property, type, allowed);
+ private void twoTests(String allow, String deny, boolean denyStatus, boolean addConnectorPort, boolean auth,
+ String property, String type, boolean allowed) {
+ oneTest(allow, deny, denyStatus, addConnectorPort, false, auth, property, type, allowed);
if (!type.equals("Host")) {
- oneTest(allow, deny, denyStatus, addConnectorPort, true,
- auth, property, type, allowed);
+ oneTest(allow, deny, denyStatus, addConnectorPort, true, auth, property, type, allowed);
}
}
- private void oneTest(String allow, String deny, boolean denyStatus,
- boolean addConnectorPort, boolean usePeerAddress,
- boolean auth, String property, String type,
- boolean allowed) {
+ private void oneTest(String allow, String deny, boolean denyStatus, boolean addConnectorPort,
+ boolean usePeerAddress, boolean auth, String property, String type, boolean allowed) {
// PREPARE
RequestFilterValve valve = null;
Connector connector = new Connector();
@@ -131,7 +125,7 @@ public class TestRequestFilterValve {
if (usePeerAddress) {
request.setRemoteAddr(ADDR_OTHER);
request.getCoyoteRequest().peerAddr().setString(property);
- ((RemoteAddrValve)valve).setUsePeerAddress(true);
+ ((RemoteAddrValve) valve).setUsePeerAddress(true);
msg.append(" peer='" + property + "'");
} else {
request.setRemoteAddr(property);
@@ -147,7 +141,7 @@ public class TestRequestFilterValve {
if (usePeerAddress) {
request.setRemoteAddr(ADDR_OTHER);
request.getCoyoteRequest().peerAddr().setString(property);
- ((RemoteCIDRValve)valve).setUsePeerAddress(true);
+ ((RemoteCIDRValve) valve).setUsePeerAddress(true);
msg.append(" peer='" + property + "'");
} else {
request.setRemoteAddr(property);
@@ -176,11 +170,11 @@ public class TestRequestFilterValve {
}
if (addConnectorPort) {
if (valve instanceof RemoteAddrValve) {
- ((RemoteAddrValve)valve).setAddConnectorPort(true);
+ ((RemoteAddrValve) valve).setAddConnectorPort(true);
} else if (valve instanceof RemoteHostValve) {
- ((RemoteHostValve)valve).setAddConnectorPort(true);
+ ((RemoteHostValve) valve).setAddConnectorPort(true);
} else if (valve instanceof RemoteCIDRValve) {
- ((RemoteCIDRValve)valve).setAddConnectorPort(true);
+ ((RemoteCIDRValve) valve).setAddConnectorPort(true);
} else {
Assert.fail("Can only set 'addConnectorPort' for RemoteAddrValve, RemoteHostValve and RemoteCIDRValve");
}
@@ -196,7 +190,7 @@ public class TestRequestFilterValve {
try {
valve.invoke(request, response);
} catch (IOException | ServletException ex) {
- //Ignore
+ // Ignore
}
// VERIFY
@@ -208,213 +202,195 @@ public class TestRequestFilterValve {
}
}
- private void standardTests(String allow_pat, String deny_pat,
- String OnlyAllow, String OnlyDeny,
- String AllowAndDeny, String NoAllowNoDeny,
- boolean auth, String type) {
+ private void standardTests(String allow_pat, String deny_pat, String OnlyAllow, String OnlyDeny,
+ String AllowAndDeny, String NoAllowNoDeny, boolean auth, String type) {
String apat;
String dpat;
// Test without ports
apat = allow_pat;
dpat = deny_pat;
- twoTests(null, null, false, false, auth, AllowAndDeny, type, false);
- twoTests(null, null, true, false, auth, AllowAndDeny, type, false);
- twoTests(apat, null, false, false, auth, AllowAndDeny, type, true);
+ twoTests(null, null, false, false, auth, AllowAndDeny, type, false);
+ twoTests(null, null, true, false, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, false, false, auth, AllowAndDeny, type, true);
twoTests(apat, null, false, false, auth, NoAllowNoDeny, type, false);
- twoTests(apat, null, true, false, auth, AllowAndDeny, type, true);
- twoTests(apat, null, true, false, auth, NoAllowNoDeny, type, false);
- twoTests(null, dpat, false, false, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, true, false, auth, AllowAndDeny, type, true);
+ twoTests(apat, null, true, false, auth, NoAllowNoDeny, type, false);
+ twoTests(null, dpat, false, false, auth, AllowAndDeny, type, false);
twoTests(null, dpat, false, false, auth, NoAllowNoDeny, type, true);
- twoTests(null, dpat, true, false, auth, AllowAndDeny, type, false);
- twoTests(null, dpat, true, false, auth, NoAllowNoDeny, type, true);
+ twoTests(null, dpat, true, false, auth, AllowAndDeny, type, false);
+ twoTests(null, dpat, true, false, auth, NoAllowNoDeny, type, true);
twoTests(apat, dpat, false, false, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, false, false, auth, OnlyAllow, type, true);
- twoTests(apat, dpat, false, false, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, false, false, auth, AllowAndDeny, type, false);
- twoTests(apat, dpat, true, false, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, true, false, auth, OnlyAllow, type, true);
- twoTests(apat, dpat, true, false, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, true, false, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, false, false, auth, OnlyAllow, type, true);
+ twoTests(apat, dpat, false, false, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, false, false, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, true, false, auth, NoAllowNoDeny, type, false);
+ twoTests(apat, dpat, true, false, auth, OnlyAllow, type, true);
+ twoTests(apat, dpat, true, false, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, true, false, auth, AllowAndDeny, type, false);
// Test with port in pattern but forgotten "addConnectorPort"
apat = allow_pat + PORT_MATCH_PATTERN;
dpat = deny_pat + PORT_MATCH_PATTERN;
- twoTests(null, null, false, false, auth, AllowAndDeny, type, false);
- twoTests(null, null, true, false, auth, AllowAndDeny, type, false);
- twoTests(apat, null, false, false, auth, AllowAndDeny, type, false);
+ twoTests(null, null, false, false, auth, AllowAndDeny, type, false);
+ twoTests(null, null, true, false, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, false, false, auth, AllowAndDeny, type, false);
twoTests(apat, null, false, false, auth, NoAllowNoDeny, type, false);
- twoTests(apat, null, true, false, auth, AllowAndDeny, type, false);
- twoTests(apat, null, true, false, auth, NoAllowNoDeny, type, false);
- twoTests(null, dpat, false, false, auth, AllowAndDeny, type, true);
+ twoTests(apat, null, true, false, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, true, false, auth, NoAllowNoDeny, type, false);
+ twoTests(null, dpat, false, false, auth, AllowAndDeny, type, true);
twoTests(null, dpat, false, false, auth, NoAllowNoDeny, type, true);
- twoTests(null, dpat, true, false, auth, AllowAndDeny, type, true);
- twoTests(null, dpat, true, false, auth, NoAllowNoDeny, type, true);
+ twoTests(null, dpat, true, false, auth, AllowAndDeny, type, true);
+ twoTests(null, dpat, true, false, auth, NoAllowNoDeny, type, true);
twoTests(apat, dpat, false, false, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, false, false, auth, OnlyAllow, type, false);
- twoTests(apat, dpat, false, false, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, false, false, auth, AllowAndDeny, type, false);
- twoTests(apat, dpat, true, false, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, true, false, auth, OnlyAllow, type, false);
- twoTests(apat, dpat, true, false, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, true, false, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, false, false, auth, OnlyAllow, type, false);
+ twoTests(apat, dpat, false, false, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, false, false, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, true, false, auth, NoAllowNoDeny, type, false);
+ twoTests(apat, dpat, true, false, auth, OnlyAllow, type, false);
+ twoTests(apat, dpat, true, false, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, true, false, auth, AllowAndDeny, type, false);
// Test with "addConnectorPort" but port not in pattern
apat = allow_pat;
dpat = deny_pat;
- twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
- twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
- twoTests(apat, null, false, true, auth, AllowAndDeny, type, false);
+ twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
+ twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, false, true, auth, AllowAndDeny, type, false);
twoTests(apat, null, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, null, true, true, auth, AllowAndDeny, type, false);
- twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(null, dpat, false, true, auth, AllowAndDeny, type, true);
+ twoTests(apat, null, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(null, dpat, false, true, auth, AllowAndDeny, type, true);
twoTests(null, dpat, false, true, auth, NoAllowNoDeny, type, true);
- twoTests(null, dpat, true, true, auth, AllowAndDeny, type, true);
- twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
+ twoTests(null, dpat, true, true, auth, AllowAndDeny, type, true);
+ twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
twoTests(apat, dpat, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, false, true, auth, OnlyAllow, type, false);
- twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, false);
- twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, true, true, auth, OnlyAllow, type, false);
- twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, false, true, auth, OnlyAllow, type, false);
+ twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, OnlyAllow, type, false);
+ twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, false);
// Test "addConnectorPort" and with port matching in both patterns
apat = allow_pat + PORT_MATCH_PATTERN;
dpat = deny_pat + PORT_MATCH_PATTERN;
- twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
- twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
- twoTests(apat, null, false, true, auth, AllowAndDeny, type, true);
+ twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
+ twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, false, true, auth, AllowAndDeny, type, true);
twoTests(apat, null, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, null, true, true, auth, AllowAndDeny, type, true);
- twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(null, dpat, false, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, true, true, auth, AllowAndDeny, type, true);
+ twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(null, dpat, false, true, auth, AllowAndDeny, type, false);
twoTests(null, dpat, false, true, auth, NoAllowNoDeny, type, true);
- twoTests(null, dpat, true, true, auth, AllowAndDeny, type, false);
- twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
+ twoTests(null, dpat, true, true, auth, AllowAndDeny, type, false);
+ twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
twoTests(apat, dpat, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, false, true, auth, OnlyAllow, type, true);
- twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, false);
- twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, true, true, auth, OnlyAllow, type, true);
- twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, false, true, auth, OnlyAllow, type, true);
+ twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, OnlyAllow, type, true);
+ twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, false);
// Test "addConnectorPort" and with port not matching in both patterns
apat = allow_pat + PORT_NO_MATCH_PATTERN;
dpat = deny_pat + PORT_NO_MATCH_PATTERN;
- twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
- twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
- twoTests(apat, null, false, true, auth, AllowAndDeny, type, false);
+ twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
+ twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, false, true, auth, AllowAndDeny, type, false);
twoTests(apat, null, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, null, true, true, auth, AllowAndDeny, type, false);
- twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(null, dpat, false, true, auth, AllowAndDeny, type, true);
+ twoTests(apat, null, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(null, dpat, false, true, auth, AllowAndDeny, type, true);
twoTests(null, dpat, false, true, auth, NoAllowNoDeny, type, true);
- twoTests(null, dpat, true, true, auth, AllowAndDeny, type, true);
- twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
+ twoTests(null, dpat, true, true, auth, AllowAndDeny, type, true);
+ twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
twoTests(apat, dpat, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, false, true, auth, OnlyAllow, type, false);
- twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, false);
- twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, true, true, auth, OnlyAllow, type, false);
- twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, false, true, auth, OnlyAllow, type, false);
+ twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, OnlyAllow, type, false);
+ twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, false);
// Test "addConnectorPort" and with port matching only in allow
apat = allow_pat + PORT_MATCH_PATTERN;
dpat = deny_pat + PORT_NO_MATCH_PATTERN;
- twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
- twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
- twoTests(apat, null, false, true, auth, AllowAndDeny, type, true);
+ twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
+ twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, false, true, auth, AllowAndDeny, type, true);
twoTests(apat, null, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, null, true, true, auth, AllowAndDeny, type, true);
- twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(null, dpat, false, true, auth, AllowAndDeny, type, true);
+ twoTests(apat, null, true, true, auth, AllowAndDeny, type, true);
+ twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(null, dpat, false, true, auth, AllowAndDeny, type, true);
twoTests(null, dpat, false, true, auth, NoAllowNoDeny, type, true);
- twoTests(null, dpat, true, true, auth, AllowAndDeny, type, true);
- twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
+ twoTests(null, dpat, true, true, auth, AllowAndDeny, type, true);
+ twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
twoTests(apat, dpat, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, false, true, auth, OnlyAllow, type, true);
- twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, true);
- twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, true, true, auth, OnlyAllow, type, true);
- twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, true);
+ twoTests(apat, dpat, false, true, auth, OnlyAllow, type, true);
+ twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, true);
+ twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, OnlyAllow, type, true);
+ twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, true);
// Test "addConnectorPort" and with port matching only in deny
apat = allow_pat + PORT_NO_MATCH_PATTERN;
dpat = deny_pat + PORT_MATCH_PATTERN;
- twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
- twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
- twoTests(apat, null, false, true, auth, AllowAndDeny, type, false);
+ twoTests(null, null, false, true, auth, AllowAndDeny, type, false);
+ twoTests(null, null, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, false, true, auth, AllowAndDeny, type, false);
twoTests(apat, null, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, null, true, true, auth, AllowAndDeny, type, false);
- twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(null, dpat, false, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, null, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(null, dpat, false, true, auth, AllowAndDeny, type, false);
twoTests(null, dpat, false, true, auth, NoAllowNoDeny, type, true);
- twoTests(null, dpat, true, true, auth, AllowAndDeny, type, false);
- twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
+ twoTests(null, dpat, true, true, auth, AllowAndDeny, type, false);
+ twoTests(null, dpat, true, true, auth, NoAllowNoDeny, type, true);
twoTests(apat, dpat, false, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, false, true, auth, OnlyAllow, type, false);
- twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, false);
- twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
- twoTests(apat, dpat, true, true, auth, OnlyAllow, type, false);
- twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
- twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, false, true, auth, OnlyAllow, type, false);
+ twoTests(apat, dpat, false, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, false, true, auth, AllowAndDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, NoAllowNoDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, OnlyAllow, type, false);
+ twoTests(apat, dpat, true, true, auth, OnlyDeny, type, false);
+ twoTests(apat, dpat, true, true, auth, AllowAndDeny, type, false);
}
@Test
public void testRemoteAddrValveIPv4() {
- standardTests(ADDR_ALLOW_PAT, ADDR_DENY_PAT,
- ADDR_ONLY_ALLOW, ADDR_ONLY_DENY,
- ADDR_ALLOW_AND_DENY, ADDR_NO_ALLOW_NO_DENY,
- false, "Addr");
- standardTests(ADDR_ALLOW_PAT, ADDR_DENY_PAT,
- ADDR_ONLY_ALLOW, ADDR_ONLY_DENY,
- ADDR_ALLOW_AND_DENY, ADDR_NO_ALLOW_NO_DENY,
- true, "Addr");
+ standardTests(ADDR_ALLOW_PAT, ADDR_DENY_PAT, ADDR_ONLY_ALLOW, ADDR_ONLY_DENY, ADDR_ALLOW_AND_DENY,
+ ADDR_NO_ALLOW_NO_DENY, false, "Addr");
+ standardTests(ADDR_ALLOW_PAT, ADDR_DENY_PAT, ADDR_ONLY_ALLOW, ADDR_ONLY_DENY, ADDR_ALLOW_AND_DENY,
+ ADDR_NO_ALLOW_NO_DENY, true, "Addr");
}
@Test
public void testRemoteHostValve() {
- standardTests(HOST_ALLOW_PAT, HOST_DENY_PAT,
- HOST_ONLY_ALLOW, HOST_ONLY_DENY,
- HOST_ALLOW_AND_DENY, HOST_NO_ALLOW_NO_DENY,
- false, "Host");
- standardTests(HOST_ALLOW_PAT, HOST_DENY_PAT,
- HOST_ONLY_ALLOW, HOST_ONLY_DENY,
- HOST_ALLOW_AND_DENY, HOST_NO_ALLOW_NO_DENY,
- true, "Host");
+ standardTests(HOST_ALLOW_PAT, HOST_DENY_PAT, HOST_ONLY_ALLOW, HOST_ONLY_DENY, HOST_ALLOW_AND_DENY,
+ HOST_NO_ALLOW_NO_DENY, false, "Host");
+ standardTests(HOST_ALLOW_PAT, HOST_DENY_PAT, HOST_ONLY_ALLOW, HOST_ONLY_DENY, HOST_ALLOW_AND_DENY,
+ HOST_NO_ALLOW_NO_DENY, true, "Host");
}
@Test
public void testRemoteCIDRValve() {
- standardTests(CIDR_ALLOW_PROP, CIDR_DENY_PROP,
- CIDR_ONLY_ALLOW, CIDR_ONLY_DENY,
- CIDR_ALLOW_AND_DENY, CIDR_NO_ALLOW_NO_DENY,
- false, "CIDR");
- standardTests(CIDR_ALLOW_PROP, CIDR_DENY_PROP,
- CIDR_ONLY_ALLOW, CIDR_ONLY_DENY,
- CIDR_ALLOW_AND_DENY, CIDR_NO_ALLOW_NO_DENY,
- true, "CIDR");
+ standardTests(CIDR_ALLOW_PROP, CIDR_DENY_PROP, CIDR_ONLY_ALLOW, CIDR_ONLY_DENY, CIDR_ALLOW_AND_DENY,
+ CIDR_NO_ALLOW_NO_DENY, false, "CIDR");
+ standardTests(CIDR_ALLOW_PROP, CIDR_DENY_PROP, CIDR_ONLY_ALLOW, CIDR_ONLY_DENY, CIDR_ALLOW_AND_DENY,
+ CIDR_NO_ALLOW_NO_DENY, true, "CIDR");
}
@Test
public void testRemoteCIDR6Valve() {
- standardTests(CIDR6_ALLOW_PROP, CIDR6_DENY_PROP,
- CIDR6_ONLY_ALLOW, CIDR6_ONLY_DENY,
- CIDR6_ALLOW_AND_DENY, CIDR6_NO_ALLOW_NO_DENY,
- false, "CIDR");
- standardTests(CIDR6_ALLOW_PROP, CIDR6_DENY_PROP,
- CIDR6_ONLY_ALLOW, CIDR6_ONLY_DENY,
- CIDR6_ALLOW_AND_DENY, CIDR6_NO_ALLOW_NO_DENY,
- true, "CIDR");
+ standardTests(CIDR6_ALLOW_PROP, CIDR6_DENY_PROP, CIDR6_ONLY_ALLOW, CIDR6_ONLY_DENY, CIDR6_ALLOW_AND_DENY,
+ CIDR6_NO_ALLOW_NO_DENY, false, "CIDR");
+ standardTests(CIDR6_ALLOW_PROP, CIDR6_DENY_PROP, CIDR6_ONLY_ALLOW, CIDR6_ONLY_DENY, CIDR6_ALLOW_AND_DENY,
+ CIDR6_NO_ALLOW_NO_DENY, true, "CIDR");
}
}
diff --git a/test/org/apache/catalina/valves/TestStuckThreadDetectionValve.java b/test/org/apache/catalina/valves/TestStuckThreadDetectionValve.java
index cc59ad7d27..ae54e19421 100644
--- a/test/org/apache/catalina/valves/TestStuckThreadDetectionValve.java
+++ b/test/org/apache/catalina/valves/TestStuckThreadDetectionValve.java
@@ -44,16 +44,14 @@ public class TestStuckThreadDetectionValve extends TomcatBaseTest {
super.setUp();
tomcat = getTomcatInstance();
File docBase = new File(System.getProperty("java.io.tmpdir"));
- context = (StandardContext) tomcat.addContext("",
- docBase.getAbsolutePath());
+ context = (StandardContext) tomcat.addContext("", docBase.getAbsolutePath());
}
@Test
public void testDetection() throws Exception {
// second, we test the actual effect of the flag on the startup
StickingServlet stickingServlet = new StickingServlet(8000L);
- Wrapper servlet = Tomcat.addServlet(context, "myservlet",
- stickingServlet);
+ Wrapper servlet = Tomcat.addServlet(context, "myservlet", stickingServlet);
servlet.addMapping("/myservlet");
StuckThreadDetectionValve valve = new StuckThreadDetectionValve();
@@ -69,8 +67,7 @@ public class TestStuckThreadDetectionValve extends TomcatBaseTest {
@Override
public void run() {
try {
- getUrl("http://localhost:" + getPort() + "/myservlet",
- result, null);
+ getUrl("http://localhost:" + getPort() + "/myservlet", result, null);
} catch (IOException e) {
e.printStackTrace();
}
@@ -96,10 +93,8 @@ public class TestStuckThreadDetectionValve extends TomcatBaseTest {
@Test
public void testInterruption() throws Exception {
// second, we test the actual effect of the flag on the startup
- StickingServlet stickingServlet = new StickingServlet(
- TimeUnit.SECONDS.toMillis(20L));
- Wrapper servlet = Tomcat.addServlet(context, "myservlet",
- stickingServlet);
+ StickingServlet stickingServlet = new StickingServlet(TimeUnit.SECONDS.toMillis(20L));
+ Wrapper servlet = Tomcat.addServlet(context, "myservlet", stickingServlet);
servlet.addMapping("/myservlet");
StuckThreadDetectionValve valve = new StuckThreadDetectionValve();
@@ -116,8 +111,7 @@ public class TestStuckThreadDetectionValve extends TomcatBaseTest {
@Override
public void run() {
try {
- getUrl("http://localhost:" + getPort() + "/myservlet",
- result, null);
+ getUrl("http://localhost:" + getPort() + "/myservlet", result, null);
} catch (IOException e) {
e.printStackTrace();
}
@@ -150,8 +144,7 @@ public class TestStuckThreadDetectionValve extends TomcatBaseTest {
}
@Override
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws IOException {
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
try {
Thread.sleep(delay);
} catch (InterruptedException e) {
diff --git a/test/org/apache/catalina/valves/TesterAccessLogValve.java b/test/org/apache/catalina/valves/TesterAccessLogValve.java
index b09a99e358..4ef6710459 100644
--- a/test/org/apache/catalina/valves/TesterAccessLogValve.java
+++ b/test/org/apache/catalina/valves/TesterAccessLogValve.java
@@ -45,8 +45,7 @@ public class TesterAccessLogValve extends ValveBase implements AccessLog {
@Override
public void log(Request request, Response response, long time) {
- entries.add(new Entry(request.getRequestURI(), response.getStatus(),
- TimeUnit.NANOSECONDS.toMillis(time)));
+ entries.add(new Entry(request.getRequestURI(), response.getStatus(), TimeUnit.NANOSECONDS.toMillis(time)));
}
@Override
@@ -61,8 +60,7 @@ public class TesterAccessLogValve extends ValveBase implements AccessLog {
}
@Override
- public void invoke(Request request, Response response) throws IOException,
- ServletException {
+ public void invoke(Request request, Response response) throws IOException, ServletException {
// Just invoke next - access logging happens via log() method
getNext().invoke(request, response);
}
@@ -71,8 +69,7 @@ public class TesterAccessLogValve extends ValveBase implements AccessLog {
return entries.size();
}
- public void validateAccessLog(int count, int status, long minTime,
- long maxTime) throws Exception {
+ public void validateAccessLog(int count, int status, long minTime, long maxTime) throws Exception {
// Wait (but not too long) until all expected entries appear (access log
// entry will be made after response has been returned to user)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org