You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@wookie.apache.org by sc...@apache.org on 2012/03/01 16:07:59 UTC
svn commit: r1295607 - in /incubator/wookie/trunk:
src-tests/org/apache/wookie/tests/proxy/PolicyTest.java
src/org/apache/wookie/proxy/Policy.java
Author: scottbw
Date: Thu Mar 1 15:07:58 2012
New Revision: 1295607
URL: http://svn.apache.org/viewvc?rev=1295607&view=rev
Log:
Check the scope and directive are valid for any new policies when creating a new Policy instance (Fix for WOOKIE-322)
Modified:
incubator/wookie/trunk/src-tests/org/apache/wookie/tests/proxy/PolicyTest.java
incubator/wookie/trunk/src/org/apache/wookie/proxy/Policy.java
Modified: incubator/wookie/trunk/src-tests/org/apache/wookie/tests/proxy/PolicyTest.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src-tests/org/apache/wookie/tests/proxy/PolicyTest.java?rev=1295607&r1=1295606&r2=1295607&view=diff
==============================================================================
--- incubator/wookie/trunk/src-tests/org/apache/wookie/tests/proxy/PolicyTest.java (original)
+++ incubator/wookie/trunk/src-tests/org/apache/wookie/tests/proxy/PolicyTest.java Thu Mar 1 15:07:58 2012
@@ -41,7 +41,7 @@ public class PolicyTest {
policy.setOrigin("*");
policy.setDirective("ALLOW");
}
-
+
@Test
public void createPolicyFromString() throws PolicyFormatException{
Policy policy = new Policy("* http://localhost ALLOW");
@@ -52,6 +52,16 @@ public class PolicyTest {
Policy policy = new Policy("http://localhost ALLOW");
}
+ @Test(expected = PolicyFormatException.class)
+ public void createPolicyFromInvalidString2() throws PolicyFormatException{
+ Policy policy = new Policy("* * BANANA");
+ }
+
+ @Test(expected = PolicyFormatException.class)
+ public void createPolicyFromInvalidString3() throws PolicyFormatException{
+ Policy policy = new Policy("BANANA * ALLOW");
+ }
+
@Test
public void policyToString() throws PolicyFormatException{
Policy policy = new Policy("* http://localhost ALLOW");
Modified: incubator/wookie/trunk/src/org/apache/wookie/proxy/Policy.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/proxy/Policy.java?rev=1295607&r1=1295606&r2=1295607&view=diff
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/proxy/Policy.java (original)
+++ incubator/wookie/trunk/src/org/apache/wookie/proxy/Policy.java Thu Mar 1 15:07:58 2012
@@ -17,8 +17,10 @@
package org.apache.wookie.proxy;
+import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
+import java.net.URL;
import org.apache.wookie.w3c.util.IRIValidator;
@@ -70,8 +72,8 @@ public class Policy {
/**
* @param scope the scope to set
*/
- public void setScope(String scope) {
- this.scope = scope;
+ public void setScope(String scope) throws PolicyFormatException{
+ this.scope = this.checkScope(scope);
}
/**
* @return the origin
@@ -95,8 +97,13 @@ public class Policy {
/**
* @param directive the directive to set
*/
- public void setDirective(String directive) {
- this.directive = directive;
+ public void setDirective(String directive) throws PolicyFormatException {
+ directive = directive.trim().toUpperCase();
+ if (directive.equals("ALLOW") || directive.equals("DENY")){
+ this.directive = directive;
+ } else {
+ throw new PolicyFormatException("Unsupported policy directive: "+directive);
+ }
}
/* (non-Javadoc)
@@ -201,6 +208,27 @@ public class Policy {
}
return 0;
}
+
+ private String checkScope(String scope) throws PolicyFormatException{
+ //
+ // Wildcards are a valid scope
+ //
+ if (scope.equals("*")) return scope;
+
+ try {
+ //
+ // URLs are a valid scope
+ //
+ new URL(scope);
+ return scope;
+ } catch (MalformedURLException e) {
+ //
+ // IRIs are a valid scope
+ //
+ if (!IRIValidator.isValidIRI(scope)) throw new PolicyFormatException("scope is not a valid wildcard, URL or IRI");
+ return scope;
+ }
+ }
/**
* Checks whether a supplied origin parameter is valid, and returns the processed result