You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by jo...@apache.org on 2010/10/27 00:04:47 UTC
svn commit: r1027757 - in /shindig/trunk/java/gadgets/src:
main/java/org/apache/shindig/gadgets/render/
test/java/org/apache/shindig/gadgets/parse/caja/
test/java/org/apache/shindig/gadgets/render/
test/java/org/apache/shindig/gadgets/uri/
Author: johnh
Date: Tue Oct 26 22:04:47 2010
New Revision: 1027757
URL: http://svn.apache.org/viewvc?rev=1027757&view=rev
Log:
Fix SanitizingProxyUriManager to augment the ProxyUri object rather than naively tacking on query parameters.
This has the effect of correctly positioning sanitize=1 and/or rewriteMime=<mime> in a downstream proxy Uri -
in path params for chained-proxy syntax or in query params otherwise.
Modified:
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManager.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/parse/caja/CajaCssSanitizerTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManagerTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingResponseRewriterTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/PassthruManager.java
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManager.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManager.java?rev=1027757&r1=1027756&r2=1027757&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManager.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManager.java Tue Oct 26 22:04:47 2010
@@ -19,12 +19,8 @@
package org.apache.shindig.gadgets.render;
import org.apache.shindig.common.uri.Uri;
-import org.apache.shindig.common.uri.UriBuilder;
import org.apache.shindig.gadgets.GadgetException;
import org.apache.shindig.gadgets.uri.ProxyUriManager;
-import org.apache.shindig.gadgets.uri.UriCommon.Param;
-
-import com.google.common.collect.Lists;
import java.util.List;
@@ -49,18 +45,13 @@ public class SanitizingProxyUriManager i
public List<Uri> make(List<ProxyUri> ctx, Integer forcedRefresh) {
// Just wraps the original ProxyUriManager and adds a few query params.
- List<Uri> origUris = wrapped.make(ctx, forcedRefresh);
- List<Uri> sanitizedUris = Lists.newArrayListWithCapacity(origUris.size());
-
- for (Uri origUri : origUris) {
- UriBuilder newUri = new UriBuilder(origUri);
- newUri.addQueryParameter(Param.SANITIZE.getKey(), "1");
+ for (ProxyUri proxyUri : ctx) {
+ proxyUri.setSanitizeContent(true);
if (expectedMime != null) {
- newUri.addQueryParameter(Param.REWRITE_MIME_TYPE.getKey(), expectedMime);
+ proxyUri.setRewriteMimeType(expectedMime);
}
- sanitizedUris.add(newUri.toUri());
}
-
- return sanitizedUris;
+
+ return wrapped.make(ctx, forcedRefresh);
}
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/parse/caja/CajaCssSanitizerTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/parse/caja/CajaCssSanitizerTest.java?rev=1027757&r1=1027756&r2=1027757&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/parse/caja/CajaCssSanitizerTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/parse/caja/CajaCssSanitizerTest.java Tue Oct 26 22:04:47 2010
@@ -146,8 +146,8 @@ public class CajaCssSanitizerTest extend
sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter);
assertStyleEquals(".xyz { " +
"background: url('//www.mock.com/dir/proxy?container=mockContainer&gadget=http%3A%2F%2Fwww.example.org%2Fbase" +
- "&debug=0&nocache=0&url=http%3A%2F%2Fwww.example.org%2Fimg.gif&" +
- "sanitize=1&rewriteMime=image%2F%2a');}", styleSheet);
+ "&debug=0&nocache=0&rewriteMime=image%2F%2a&sanitize=1&" +
+ "url=http%3A%2F%2Fwww.example.org%2Fimg.gif');}", styleSheet);
}
@Test
@@ -157,8 +157,8 @@ public class CajaCssSanitizerTest extend
sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter);
assertEquals(".xyz{" +
"background:url('//www.mock.com/dir/proxy?container=mockContainer&gadget=http%3A%2F%2Fwww.example.org%2Fbase" +
- "&debug=0&nocache=0&url=http%3A%2F%2Fwww.example.org%2Fimg.gif" +
- "&sanitize=1&rewriteMime=image%2F%2a');}",
+ "&debug=0&nocache=0&rewriteMime=image%2F%2a&sanitize=1" +
+ "&url=http%3A%2F%2Fwww.example.org%2Fimg.gif');}",
parser.serialize(styleSheet).replaceAll("\\s", ""));
}
@@ -176,8 +176,8 @@ public class CajaCssSanitizerTest extend
sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter);
assertEquals(".xyz{" +
"background:url('//www.test.com/dir/proxy?container=default&gadget=http%3A%2F%2Fwww.example.org%2Fbase" +
- "&debug=0&nocache=0&url=http%3A%2F%2Fwww.example.org%2Fimg.gif" +
- "&sanitize=1&rewriteMime=image%2F%2a');}",
+ "&debug=0&nocache=0&rewriteMime=image%2F%2a&sanitize=1" +
+ "&url=http%3A%2F%2Fwww.example.org%2Fimg.gif');}",
parser.serialize(styleSheet).replaceAll("\\s", ""));
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManagerTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManagerTest.java?rev=1027757&r1=1027756&r2=1027757&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManagerTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingProxyUriManagerTest.java Tue Oct 26 22:04:47 2010
@@ -25,14 +25,12 @@ import static org.easymock.EasyMock.repl
import static org.easymock.EasyMock.verify;
import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.uri.UriBuilder;
import org.apache.shindig.gadgets.uri.ProxyUriManager;
import org.apache.shindig.gadgets.uri.ProxyUriManager.ProxyUri;
-import org.apache.shindig.gadgets.uri.UriCommon.Param;
import org.easymock.Capture;
import org.junit.Before;
@@ -78,6 +76,8 @@ public class SanitizingProxyUriManagerTe
expect(uriManager.make(capture(uriCapture), capture(intCapture)))
.andReturn(output).once();
replay(uriManager);
+ expect(proxyUri.setSanitizeContent(true)).andReturn(proxyUri).once();
+ replay(proxyUri);
SanitizingProxyUriManager rewriter = makeRewriter(null);
List<Uri> returned = rewriter.make(input, refresh);
@@ -86,8 +86,7 @@ public class SanitizingProxyUriManagerTe
assertSame(uriCapture.getValue(), input);
assertSame(intCapture.getValue(), refresh);
assertEquals(1, returned.size());
- assertEquals("1", returned.get(0).getQueryParameter(Param.SANITIZE.getKey()));
- assertNull(returned.get(0).getQueryParameter(Param.REWRITE_MIME_TYPE.getKey()));
+ verify(proxyUri);
}
@Test
@@ -101,6 +100,9 @@ public class SanitizingProxyUriManagerTe
expect(uriManager.make(capture(uriCapture), capture(intCapture)))
.andReturn(output).once();
replay(uriManager);
+ expect(proxyUri.setSanitizeContent(true)).andReturn(proxyUri).once();
+ expect(proxyUri.setRewriteMimeType(mime)).andReturn(proxyUri).once();
+ replay(proxyUri);
SanitizingProxyUriManager rewriter = makeRewriter(mime);
List<Uri> returned = rewriter.make(input, refresh);
@@ -109,15 +111,15 @@ public class SanitizingProxyUriManagerTe
assertSame(uriCapture.getValue(), input);
assertSame(intCapture.getValue(), refresh);
assertEquals(1, returned.size());
- assertEquals("1", returned.get(0).getQueryParameter(Param.SANITIZE.getKey()));
- assertEquals(mime, returned.get(0).getQueryParameter(Param.REWRITE_MIME_TYPE.getKey()));
+ verify(proxyUri);
}
@Test
public void makeList() throws Exception {
Capture<List<ProxyUri>> uriCapture = new Capture<List<ProxyUri>>();
Capture<Integer> intCapture = new Capture<Integer>();
- List<ProxyUri> input = Lists.newArrayList(proxyUri);
+ ProxyUri proxyUri2 = createMock(ProxyUri.class);
+ List<ProxyUri> input = Lists.newArrayList(proxyUri, proxyUri2);
Uri uri2 = new UriBuilder().toUri();
List<Uri> output = Lists.newArrayList(uri, uri2);
Integer refresh = new Integer(0);
@@ -125,6 +127,11 @@ public class SanitizingProxyUriManagerTe
expect(uriManager.make(capture(uriCapture), capture(intCapture)))
.andReturn(output).once();
replay(uriManager);
+ expect(proxyUri.setSanitizeContent(true)).andReturn(proxyUri).once();
+ expect(proxyUri.setRewriteMimeType(mime)).andReturn(proxyUri).once();
+ expect(proxyUri2.setSanitizeContent(true)).andReturn(proxyUri2).once();
+ expect(proxyUri2.setRewriteMimeType(mime)).andReturn(proxyUri2).once();
+ replay(proxyUri, proxyUri2);
SanitizingProxyUriManager rewriter = makeRewriter(mime);
List<Uri> returned = rewriter.make(input, refresh);
@@ -133,10 +140,7 @@ public class SanitizingProxyUriManagerTe
assertSame(uriCapture.getValue(), input);
assertSame(intCapture.getValue(), refresh);
assertEquals(2, returned.size());
- assertEquals("1", returned.get(0).getQueryParameter(Param.SANITIZE.getKey()));
- assertEquals(mime, returned.get(0).getQueryParameter(Param.REWRITE_MIME_TYPE.getKey()));
- assertEquals("1", returned.get(1).getQueryParameter(Param.SANITIZE.getKey()));
- assertEquals(mime, returned.get(1).getQueryParameter(Param.REWRITE_MIME_TYPE.getKey()));
+ verify(proxyUri, proxyUri2);
}
private SanitizingProxyUriManager makeRewriter(String mime) {
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingResponseRewriterTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingResponseRewriterTest.java?rev=1027757&r1=1027756&r2=1027757&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingResponseRewriterTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizingResponseRewriterTest.java Tue Oct 26 22:04:47 2010
@@ -39,6 +39,9 @@ import java.util.Set;
public class SanitizingResponseRewriterTest extends RewriterTestBase {
private static final Uri CONTENT_URI = Uri.parse("http://www.example.org/content");
+ private static final String PROXY_HOST = "proxy.com";
+ private static final String PROXY_PATH = "/gadgets/proxy";
+ private static final String PROXY_BASE = PROXY_HOST + PROXY_PATH;
private String rewrite(HttpRequest request, HttpResponse response) throws Exception {
request.setSanitizationRequested(true);
@@ -59,7 +62,7 @@ public class SanitizingResponseRewriterT
new ContentRewriterFeature.DefaultConfig(
".*", "", "HTTP", "embed,img,script,link,style", false, false, false));
return new SanitizingResponseRewriter(rewriterFeatureFactory,
- new CajaCssSanitizer(new CajaCssParser()), new PassthruManager());
+ new CajaCssSanitizer(new CajaCssParser()), new PassthruManager(PROXY_HOST, PROXY_PATH));
}
@Test
@@ -82,7 +85,8 @@ public class SanitizingResponseRewriterT
String sanitized =
// Resultant URL is just the "sanitized" version of same, since we're using
// PassthruUriManager for testing purposes.
- "@import url('http://www.evil.com/more.css?sanitize=1&rewriteMime=text%2Fcss');\n"
+ "@import url('http://" + PROXY_BASE + "?url="
+ + "http%3A%2F%2Fwww.evil.com%2Fmore.css&sanitize=1&rewriteMime=text%2Fcss');\n"
+ "A {\n"
+ " font: BOLD\n"
+ '}';
@@ -100,7 +104,8 @@ public class SanitizingResponseRewriterT
// The caja css sanitizer does *not* remove the initial colon in urls
// since this does not work in IE
String sanitized =
- "@import url('http://www.evil.com/more.css?sanitize=1&rewriteMime=text%2Fcss');\n"
+ "@import url('http://" + PROXY_BASE + "?url="
+ + "http%3A%2F%2Fwww.evil.com%2Fmore.css&sanitize=1&rewriteMime=text%2Fcss');\n"
+ "A {\n"
+ " font: BOLD\n"
+ '}';
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/PassthruManager.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/PassthruManager.java?rev=1027757&r1=1027756&r2=1027757&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/PassthruManager.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/PassthruManager.java Tue Oct 26 22:04:47 2010
@@ -48,17 +48,25 @@ public class PassthruManager implements
public List<Uri> make(List<ProxyUri> resource, Integer forcedRefresh) {
List<Uri> ctx = Lists.newArrayListWithCapacity(resource.size());
for (ProxyUri res : resource) {
- ctx.add(getUri(res.getResource()));
+ ctx.add(getUri(res));
}
return ImmutableList.copyOf(ctx);
}
- private Uri getUri(Uri src) {
+ private Uri getUri(ProxyUri src) {
if (!doProxy) {
- return src;
+ return src.getResource();
}
- return new UriBuilder().setScheme("http").setAuthority(proxyHost).setPath(proxyPath)
- .addQueryParameter(Param.URL.getKey(), src.toString()).toUri();
+ UriBuilder builder =
+ new UriBuilder().setScheme("http").setAuthority(proxyHost).setPath(proxyPath)
+ .addQueryParameter(Param.URL.getKey(), src.getResource().toString());
+ if (src.sanitizeContent()) {
+ builder.addQueryParameter(Param.SANITIZE.getKey(), "1");
+ }
+ if (src.getRewriteMimeType() != null) {
+ builder.addQueryParameter(Param.REWRITE_MIME_TYPE.getKey(), src.getRewriteMimeType());
+ }
+ return builder.toUri();
}
public ProxyUri process(Uri uri) throws GadgetException {