You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by mg...@apache.org on 2012/04/27 14:24:13 UTC
git commit: WICKET-4511 Stack overflow when render malformed html.
Updated Branches:
refs/heads/wicket-1.5.x fad724f37 -> 1243ee6d6
WICKET-4511 Stack overflow when render malformed html.
Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/1243ee6d
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/1243ee6d
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/1243ee6d
Branch: refs/heads/wicket-1.5.x
Commit: 1243ee6d61e1635539619930988ded357e1c0764
Parents: fad724f
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
Authored: Fri Apr 27 15:23:27 2012 +0300
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Fri Apr 27 15:23:27 2012 +0300
----------------------------------------------------------------------
.../parser/filter/HtmlHeaderSectionHandler.java | 28 ++++++--
.../filter/HtmlHeaderSectionHandlerTest.java | 54 +++++++++++++++
2 files changed, 77 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/wicket/blob/1243ee6d/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java
----------------------------------------------------------------------
diff --git a/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java b/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java
index 5d7cd84..1b2ac8e 100644
--- a/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java
+++ b/wicket-core/src/main/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandler.java
@@ -21,6 +21,8 @@ import java.text.ParseException;
import org.apache.wicket.markup.ComponentTag;
import org.apache.wicket.markup.Markup;
import org.apache.wicket.markup.MarkupElement;
+import org.apache.wicket.markup.MarkupException;
+import org.apache.wicket.markup.MarkupStream;
import org.apache.wicket.markup.parser.AbstractMarkupFilter;
import org.apache.wicket.markup.parser.XmlTag.TagType;
@@ -46,6 +48,9 @@ public final class HtmlHeaderSectionHandler extends AbstractMarkupFilter
/** True if <head> has been found already */
private boolean foundHead = false;
+ /** True if </head> has been found already */
+ private boolean foundClosingHead = false;
+
/** True if all the rest of the markup file can be ignored */
private boolean ignoreTheRest = false;
@@ -78,15 +83,20 @@ public final class HtmlHeaderSectionHandler extends AbstractMarkupFilter
if (tag.getNamespace() == null)
{
// we found <head>
- if (tag.isClose())
+ if (tag.isOpen())
{
foundHead = true;
+
+ if (tag.getId() == null)
+ {
+ tag.setId(HEADER_ID);
+ tag.setAutoComponentTag(true);
+ tag.setModified(true);
+ }
}
- else if (tag.getId() == null)
+ else if (tag.isClose())
{
- tag.setId(HEADER_ID);
- tag.setAutoComponentTag(true);
- tag.setModified(true);
+ foundClosingHead = true;
}
return tag;
@@ -95,10 +105,18 @@ public final class HtmlHeaderSectionHandler extends AbstractMarkupFilter
{
// we found <wicket:head>
foundHead = true;
+ foundClosingHead = true;
}
}
else if (BODY.equalsIgnoreCase(tag.getName()) && (tag.getNamespace() == null))
{
+ // WICKET-4511: We found <body> inside <head> tag. Markup is not valid!
+ if (foundHead && !foundClosingHead)
+ {
+ throw new MarkupException(new MarkupStream(markup),
+ "Invalid page markup. Tag <BODY> found inside <HEAD>");
+ }
+
// We found <body>
if (foundHead == false)
{
http://git-wip-us.apache.org/repos/asf/wicket/blob/1243ee6d/wicket-core/src/test/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandlerTest.java
----------------------------------------------------------------------
diff --git a/wicket-core/src/test/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandlerTest.java b/wicket-core/src/test/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandlerTest.java
new file mode 100644
index 0000000..e85a995
--- /dev/null
+++ b/wicket-core/src/test/java/org/apache/wicket/markup/parser/filter/HtmlHeaderSectionHandlerTest.java
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.wicket.markup.parser.filter;
+
+import org.apache.wicket.MarkupContainer;
+import org.apache.wicket.WicketTestCase;
+import org.apache.wicket.markup.IMarkupResourceStreamProvider;
+import org.apache.wicket.markup.MarkupException;
+import org.apache.wicket.markup.html.WebPage;
+import org.apache.wicket.util.resource.IResourceStream;
+import org.apache.wicket.util.resource.StringResourceStream;
+import org.junit.Test;
+
+public class HtmlHeaderSectionHandlerTest extends WicketTestCase
+{
+ /**
+ * https://issues.apache.org/jira/browse/WICKET-4511
+ *
+ * Asserts that HtmlHeaderSectionHandler throws a MarkupException if a <BODY> tag is found
+ * inside <HEAD>
+ *
+ * @throws Exception
+ */
+ @Test(expected = MarkupException.class)
+ public void loadMarkupWithBodyInsideHead() throws Exception
+ {
+ CustomMarkupPage customMarkupPage = new CustomMarkupPage();
+ tester.startPage(customMarkupPage);
+ }
+
+ private static class CustomMarkupPage extends WebPage implements IMarkupResourceStreamProvider
+ {
+ public IResourceStream getMarkupResourceStream(MarkupContainer container,
+ Class<?> containerClass)
+ {
+ // <head> is not closed before <body>
+ return new StringResourceStream("<html><head><body>bad markup!</body></head></html>");
+ }
+ }
+}