Posted to commits@ofbiz.apache.org by jl...@apache.org on 2021/07/03 17:30:30 UTC

[ofbiz-framework] 01/02: Fixed: IndexOutOfBoundsException on Entity Import (OFBIZ-12273)

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git

commit 0effce0c7b07483143b92e5c673cf8d55db6cef1
Author: Jacques Le Roux <ja...@les7arts.com>
AuthorDate: Sat Jul 3 19:23:07 2021 +0200

    Fixed: IndexOutOfBoundsException on Entity Import (OFBIZ-12273)
    
    I get an IndexOutOfBoundsException when using the EntityImport.
    
    The problem occurs when the data contains something that resembles a URL.
    For example,
    screenPath="component://... is interpreted as a URL because of '://'
    but doesn't match a valid URL pattern.
    
    jleroux: I decided to keep it simple and to take the "component://" and the
    "https://localhost" cases apart. I see no reasons to fear "https://localhost"
    there. It should be only used in a safe dev env.
    
    Thanks: Sebastian Berg and Nicolas Malin for report
---
 .../src/main/java/org/apache/ofbiz/base/util/UtilHttp.java | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/framework/base/src/main/java/org/apache/ofbiz/base/util/UtilHttp.java b/framework/base/src/main/java/org/apache/ofbiz/base/util/UtilHttp.java
index 8087090..54101df 100644
--- a/framework/base/src/main/java/org/apache/ofbiz/base/util/UtilHttp.java
+++ b/framework/base/src/main/java/org/apache/ofbiz/base/util/UtilHttp.java
@@ -415,7 +415,7 @@ public final class UtilHttp {
                             params = params + s + " ";
                         } else if (UtilValidate.isUrl(s) && !s.isEmpty()) {
                             // if the string contains not only an URL => concatenate possible canonicalized before and after, w/o changing the URL
-                            String url = extractUrls(s).get(0); // THere should be only 1 URL in a block, makes no sense else
+                            String url = extractUrls(s).get(0); // There should be only 1 URL in a block, makes no sense else
                             int start = s.indexOf(url);
                             String after = (String) s.subSequence(start + url.length(), s.length());
                             params = params + canonicalizeParameter((String) s.subSequence(0, start)) + url + canonicalizeParameter(after) + " ";
@@ -1736,9 +1736,15 @@ public final class UtilHttp {
                         + "([-\\w~!$+|.,*:=]|%[a-f\\d]{2})*)*)*"
                         + "(#([-\\w~!$+|.,*:=]|%[a-f\\d]{2})*)?\\b");
 
-        Matcher matcher = pattern.matcher(input);
-        while (matcher.find()) {
-            result.add(matcher.group());
+        if (input.contains("component://")
+                || input.contains("https://localhost") // We consider localhost a safe dev env
+                || input.contains("https://127.0.0.1")) {
+            result.add(input);
+        } else {
+            Matcher matcher = pattern.matcher(input);
+            while (matcher.find()) {
+                result.add(matcher.group());
+            }
         }
 
         return result;
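Review bot: The added `input.contains(...)` checks match anywhere in the string and then return the whole `input` as the URL, so in the caller shown in the first hunk `start` is 0 and `after` is empty, and the entire value is appended to `params` without passing through `canonicalizeParameter`. That applies to any value that merely embeds `component://`, and the `https://localhost` check also matches host names that only begin with `localhost`. Anchoring the exemption would narrow it, e.g. `if (input.startsWith("component://")) {`, with the localhost case decided on the parsed host rather than on a substring. The original exception presumably remains reachable for other `://` strings that `UtilValidate.isUrl` accepts but the pattern does not match, so the caller's `extractUrls(s).get(0)` would be safer behind an `isEmpty()` check that falls back to `canonicalizeParameter(s)`. The body of this method begins outside the hunk.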