You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@deltaspike.apache.org by st...@apache.org on 2019/10/15 19:21:41 UTC
[deltaspike] branch master updated: DELTASPIKE-1389 further
stricten dswid
This is an automated email from the ASF dual-hosted git repository.
struberg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/deltaspike.git
The following commit(s) were added to refs/heads/master by this push:
new beae6e1 DELTASPIKE-1389 further stricten dswid
beae6e1 is described below
commit beae6e12f64e1a0066c3add17a4bfcca2ee0fb2c
Author: Mark Struberg <st...@apache.org>
AuthorDate: Tue Oct 15 21:21:14 2019 +0200
DELTASPIKE-1389 further stricten dswid
---
.../apache/deltaspike/core/util/StringUtils.java | 35 ++++++++++++++++++++++
.../deltaspike/test/api/util/StringUtilsTest.java | 10 +++++++
.../strategy/AbstractClientWindowStrategy.java | 4 ++-
3 files changed, 48 insertions(+), 1 deletion(-)
diff --git a/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/StringUtils.java b/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/StringUtils.java
index 7f70385..61ebe12 100644
--- a/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/StringUtils.java
+++ b/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/StringUtils.java
@@ -40,4 +40,39 @@ public abstract class StringUtils
{
return !isEmpty(text);
}
+
+ /**
+ * Remove any non-numeric, non-alphanumeric Characters in the given String
+ * @param val
+ * @return the original string but any non-numeric, non-alphanumeric is replaced with a '_'
+ */
+ public static String removeSpecialChars(String val)
+ {
+ if (val == null)
+ {
+ return null;
+ }
+
+ int len = val.length();
+ char[] newBuf = new char[len];
+ val.getChars(0, len, newBuf, 0);
+ for (int i = 0; i < len; i++)
+ {
+ char c = newBuf[i];
+ if (c >= 'a' && c <= 'z' ||
+ c >= 'A' && c <= 'Z' ||
+ c >= '0' && c <= '9' ||
+ c == '-' ||
+ c == '_')
+ {
+ continue;
+ }
+
+ // every other char gets replaced with '_'
+ newBuf[i] = '_';
+ }
+
+ return new String(newBuf);
+ }
+
}
\ No newline at end of file
diff --git a/deltaspike/core/api/src/test/java/org/apache/deltaspike/test/api/util/StringUtilsTest.java b/deltaspike/core/api/src/test/java/org/apache/deltaspike/test/api/util/StringUtilsTest.java
index 883ce2d..b3c256e 100644
--- a/deltaspike/core/api/src/test/java/org/apache/deltaspike/test/api/util/StringUtilsTest.java
+++ b/deltaspike/core/api/src/test/java/org/apache/deltaspike/test/api/util/StringUtilsTest.java
@@ -32,4 +32,14 @@ public class StringUtilsTest
Assert.assertTrue(StringUtils.isEmpty(" "));
Assert.assertFalse(StringUtils.isEmpty(" a "));
}
+
+ @Test
+ public void testRemoveSpecialChars() {
+ Assert.assertNull(StringUtils.removeSpecialChars(null));
+ Assert.assertEquals("abc_def", StringUtils.removeSpecialChars("abc def"));
+ Assert.assertEquals("a_c_def", StringUtils.removeSpecialChars("a_c def")); // not replace _
+ Assert.assertEquals("a-c_dex", StringUtils.removeSpecialChars("a-c dex")); // not replace -
+ Assert.assertEquals("a_c_def", StringUtils.removeSpecialChars("a\'c def"));
+ Assert.assertEquals("A_c_deX", StringUtils.removeSpecialChars("A#c deX"));
+ }
}
\ No newline at end of file
diff --git a/deltaspike/modules/jsf/impl/src/main/java/org/apache/deltaspike/jsf/impl/scope/window/strategy/AbstractClientWindowStrategy.java b/deltaspike/modules/jsf/impl/src/main/java/org/apache/deltaspike/jsf/impl/scope/window/strategy/AbstractClientWindowStrategy.java
index dc621c1..a86495f 100644
--- a/deltaspike/modules/jsf/impl/src/main/java/org/apache/deltaspike/jsf/impl/scope/window/strategy/AbstractClientWindowStrategy.java
+++ b/deltaspike/modules/jsf/impl/src/main/java/org/apache/deltaspike/jsf/impl/scope/window/strategy/AbstractClientWindowStrategy.java
@@ -25,6 +25,8 @@ import javax.annotation.PostConstruct;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
+
+import org.apache.deltaspike.core.util.StringUtils;
import org.apache.deltaspike.jsf.api.config.JsfModuleConfig;
import org.apache.deltaspike.jsf.impl.util.ClientWindowHelper;
import org.apache.deltaspike.jsf.spi.scope.window.ClientWindow;
@@ -103,7 +105,7 @@ public abstract class AbstractClientWindowStrategy implements ClientWindow
*/
protected String sanitiseWindowId(String windowId)
{
- return windowId.replace('(', '_').replace('<', '_').replace('&', '_');
+ return StringUtils.removeSpecialChars(windowId);
}
protected abstract String getOrCreateWindowId(FacesContext facesContext);