You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by Marshall Shi <sh...@cn.ibm.com> on 2013/01/21 03:01:02 UTC
Re: Review Request: host name check is case sensitive in locked domain
service
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/8439/
-----------------------------------------------------------
(Updated Jan. 21, 2013, 2:01 a.m.)
Review request for shindig, Ryan Baxter, Dan Dumont, Stanton Sievers, and Rich Thompson.
Description
-------
The host name check is case sensitive in locked domain service.
org.apache.shindig.gadgets.HashLockedDomainService
@Override
public boolean isGadgetValidForHost(String host, Gadget gadget, String container) {
container = getContainer(container);
if (isEnabled()) {
if (isGadgetReqestingLocking(gadget) || isHostUsingLockedDomain(host)
|| isDomainLockingEnforced(container)) {
String neededHost;
try {
neededHost = getLockedDomain(gadget, container);
} catch (GadgetException e) {
if (LOG.isLoggable(Level.WARNING)) {
LOG.log(Level.WARNING, "Invalid host for call.", e);
}
return false;
}
return host.equals(neededHost);
}
}
return true;
}
According to URL spec:
http://www.ietf.org/rfc/rfc3986.txt
Section 3.2.2.
Proposed fix is to replace equals with equalsIgnoreCase.
This addresses bug SHINDIG-1889.
https://issues.apache.org/jira/browse/SHINDIG-1889
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/HashLockedDomainService.java 1406188
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/HashShaLockedDomainPrefixGenerator.java 1406188
Diff: https://reviews.apache.org/r/8439/diff/
Testing
-------
Done
Thanks,
Marshall Shi
Re: Review Request: host name check is case sensitive in locked domain
service
Posted by Dan Dumont <dd...@us.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/8439/#review15933
-----------------------------------------------------------
Ship it!
Committed r1441003.
Please close this review and attach the diff to the JIRA
- Dan Dumont
On Jan. 21, 2013, 2:01 a.m., Marshall Shi wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/8439/
> -----------------------------------------------------------
>
> (Updated Jan. 21, 2013, 2:01 a.m.)
>
>
> Review request for shindig, Ryan Baxter, Dan Dumont, Stanton Sievers, and Rich Thompson.
>
>
> Description
> -------
>
> The host name check is case sensitive in locked domain service.
> org.apache.shindig.gadgets.HashLockedDomainService
>
> @Override
> public boolean isGadgetValidForHost(String host, Gadget gadget, String container) {
> container = getContainer(container);
> if (isEnabled()) {
> if (isGadgetReqestingLocking(gadget) || isHostUsingLockedDomain(host)
> || isDomainLockingEnforced(container)) {
> String neededHost;
> try {
> neededHost = getLockedDomain(gadget, container);
> } catch (GadgetException e) {
> if (LOG.isLoggable(Level.WARNING)) {
> LOG.log(Level.WARNING, "Invalid host for call.", e);
> }
> return false;
> }
> return host.equals(neededHost);
> }
> }
> return true;
> }
>
> According to URL spec:
> http://www.ietf.org/rfc/rfc3986.txt
> Section 3.2.2.
> Proposed fix is to replace equals with equalsIgnoreCase.
>
>
> This addresses bug SHINDIG-1889.
> https://issues.apache.org/jira/browse/SHINDIG-1889
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/HashLockedDomainService.java 1406188
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/HashShaLockedDomainPrefixGenerator.java 1406188
>
> Diff: https://reviews.apache.org/r/8439/diff/
>
>
> Testing
> -------
>
> Done
>
>
> Thanks,
>
> Marshall Shi
>
>