You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@river.apache.org by Mark Brouwer <ma...@cheiron.org> on 2008/01/29 21:37:53 UTC
Re: [jira] Commented: (RIVER-5) HTTMPMD URLs can be considered equal
while they are not
Thanks Fred for the review,
Fred Oliver (JIRA) wrote:
> [ https://issues.apache.org/jira/browse/RIVER-5?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12563336#action_12563336 ]
>
> Fred Oliver commented on RIVER-5:
> ---------------------------------
>
> First, the parseURL() method has the same bug. I would prefer that method be
> fixed as well.
I don't see the bug in parseURL, there is a test for the mandatory '='
character that separates the digest algorithm from the digest value. The
comment is looked for relative from the '=' character.
> Second, the fix in the patch treats the '=' characters as optional instead of
> required. I would prefer that the method explicitly return false if the '='
> characters are missing from either string, or not located at the same index.
You are right, will do that.
--
Mark
Re: [jira] Commented: (RIVER-5) HTTMPMD URLs can be considered equal
while they are not
Posted by Mark Brouwer <ma...@cheiron.org>.
Mark Brouwer wrote:
> I don't see the bug in parseURL, there is a test for the mandatory '='
> character that separates the digest algorithm from the digest value. The
> comment is looked for relative from the '=' character.
By looking more careful at the java.net.URL implementation I now
understand the code block executed in parseURL for "a relative URL that
only specifies a comment".
>> Second, the fix in the patch treats the '=' characters as optional
>> instead of
>> required. I would prefer that the method explicitly return false if
>> the '='
>> characters are missing from either string, or not located at the same
>> index.
>
> You are right, will do that.
I also modified Freds test class so it's easier to run and doesn't rely
on a Sun specific security provider. It begs the question what we are
going to do with these unit tests ...
It looks like Fred and I agree on the fix so I will commit it in a few
hours.
--
Mark