You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ode.apache.org by mr...@apache.org on 2008/05/22 02:15:43 UTC
svn commit: r658953 - in /ode/branches/APACHE_ODE_1.1/axis2/src:
main/java/org/apache/ode/axis2/util/UrlReplacementTransformer.java
test/java/org/apache/ode/axis2/util/UrlReplacementTransformerTest.java
Author: mriou
Date: Wed May 21 17:15:42 2008
New Revision: 658953
URL: http://svn.apache.org/viewvc?rev=658953&view=rev
Log:
ODE-284 URLReplacement does not escape values.
Modified:
ode/branches/APACHE_ODE_1.1/axis2/src/main/java/org/apache/ode/axis2/util/UrlReplacementTransformer.java
ode/branches/APACHE_ODE_1.1/axis2/src/test/java/org/apache/ode/axis2/util/UrlReplacementTransformerTest.java
Modified: ode/branches/APACHE_ODE_1.1/axis2/src/main/java/org/apache/ode/axis2/util/UrlReplacementTransformer.java
URL: http://svn.apache.org/viewvc/ode/branches/APACHE_ODE_1.1/axis2/src/main/java/org/apache/ode/axis2/util/UrlReplacementTransformer.java?rev=658953&r1=658952&r2=658953&view=diff
==============================================================================
--- ode/branches/APACHE_ODE_1.1/axis2/src/main/java/org/apache/ode/axis2/util/UrlReplacementTransformer.java (original)
+++ ode/branches/APACHE_ODE_1.1/axis2/src/main/java/org/apache/ode/axis2/util/UrlReplacementTransformer.java Wed May 21 17:15:42 2008
@@ -20,6 +20,10 @@
package org.apache.ode.axis2.util;
import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.httpclient.util.URIUtil;
+import org.apache.commons.httpclient.URIException;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.apache.ode.utils.DOMUtils;
import org.apache.ode.utils.wsdl.Messages;
import org.w3c.dom.Element;
@@ -33,12 +37,20 @@
/**
* This encoder applies urlReplacement as defined by the <a href='http://www.w3.org/TR/wsdl#_http:urlReplacement'>WSDL specification</a>.
- * <br/>
+ * <p/><strong>Escaping Considerations</strong>
+ * <br/>Replacement and default values are escaped. All characters except unreserved (as defined by <a href="http://tools.ietf.org/html/rfc2396#appendix-A">rfc2396</a>) are escaped.
+ * <br/> unreserved = alphanum | mark
+ * <br/> mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")"
+ * <p/>
+ * <a href="http://tools.ietf.org/html/rfc2396">Rfc2396</a> is used to be compliant with {@linkplain java.net.URI java.net.URI}.
+ * <p/>
*
* @author <a href="mailto:midon@intalio.com">Alexis Midon</a>
*/
public class UrlReplacementTransformer {
+ private static final Log log = LogFactory.getLog(UrlReplacementTransformer.class);
+
private static final org.apache.ode.utils.wsdl.Messages msgs = Messages.getMessages(Messages.class);
private static final org.apache.ode.axis2.httpbinding.Messages httpMsgs = org.apache.ode.axis2.httpbinding.Messages.getMessages(org.apache.ode.axis2.httpbinding.Messages.class);
@@ -81,10 +93,17 @@
String partName = e.getKey();
partPattern = "\\(" + partName + "\\)";
Element value = e.getValue();
- replacementValue = DOMUtils.isEmptyElement(value) ? "" : DOMUtils.getTextContent(value);
- if (replacementValue == null) {
+ if (value == null) {
throw new IllegalArgumentException(httpMsgs.msgSimpleTypeExpected(partName));
}
+ replacementValue = DOMUtils.isEmptyElement(value) ? "" : DOMUtils.getTextContent(value);
+ }
+
+ try {
+ replacementValue = URIUtil.encodeWithinQuery(replacementValue);
+ } catch (URIException urie) {
+ // this exception is never thrown by the code of httpclient
+ if (log.isWarnEnabled()) log.warn(urie.getMessage(), urie);
}
replace(result, partPattern, replacementValue);
}
@@ -127,5 +146,4 @@
}
}
}
-
}
Modified: ode/branches/APACHE_ODE_1.1/axis2/src/test/java/org/apache/ode/axis2/util/UrlReplacementTransformerTest.java
URL: http://svn.apache.org/viewvc/ode/branches/APACHE_ODE_1.1/axis2/src/test/java/org/apache/ode/axis2/util/UrlReplacementTransformerTest.java?rev=658953&r1=658952&r2=658953&view=diff
==============================================================================
--- ode/branches/APACHE_ODE_1.1/axis2/src/test/java/org/apache/ode/axis2/util/UrlReplacementTransformerTest.java (original)
+++ ode/branches/APACHE_ODE_1.1/axis2/src/test/java/org/apache/ode/axis2/util/UrlReplacementTransformerTest.java Wed May 21 17:15:42 2008
@@ -42,9 +42,9 @@
, new String[]{"parts are ends", "(part1)B(part2)/(part3)", "3B14/159", "part1", "3", "part2", "14", "part3", "159"}
, new String[]{"a single part", "(part1)", "314159", "part1", "314159"}
, new String[]{"parts surrounded with ()", "o1/A((part1))B((part2))/((part3))", "o1/A(3)B(14)/(159)", "part1", "3", "part2", "14", "part3", "159"}
- , new String[]{"with numeric chars", baseUrl, "o1/A3B14/159", "part1", "3", "part2", "14", "part3", "159"}
+ , new String[]{"with numeric chars", baseUrl, "o1/A3B14/159%20and%20an%20epsilon", "part1", "3", "part2", "14", "part3", "159 and an epsilon"}
, new String[]{"with empty values", baseUrl, "o1/AB/", "part1", "", "part2", "", "part3", ""}
- , new String[]{"with special chars", baseUrl, "o1/AWhatB$10,000/~!@#$%^&*()_+=-`[]{}|\\.", "part1", "What", "part2", "$10,000", "part3", "~!@#$%^&*()_+=-`[]{}|\\."}
+ , new String[]{"with special chars", baseUrl, "o1/AWhatB%2410%2C000/~!%40%23%24%25%5E%26*()_%2B%3D-%60%5B%5D%7B%7D%7C%5C.", "part1", "What", "part2", "$10,000", "part3", "~!@#$%^&*()_+=-`[]{}|\\."}
, new String[]{"with values containing key names", baseUrl, "o1/Avalue_of_part1_is_(part2)_and_should_not_be_replacedBsame_for_part2(part3)/foo", "part1", "value_of_part1_is_(part2)_and_should_not_be_replaced", "part2", "same_for_part2(part3)", "part3", "foo"}
};