You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by jz...@apache.org on 2013/01/25 04:02:30 UTC
[3/3] git commit: CLOUDSTACK-505: Converted regex expressions to
pre-compiled Pattern objects
Updated Branches:
refs/heads/4.0 7d37e5657 -> 2140bbb05
CLOUDSTACK-505: Converted regex expressions to pre-compiled Pattern objects
This was done for performance reasons.
I also refined the regex strings and added more test cases for different
string scenarios.
Signed-off-by: Chip Childers <ch...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/2140bbb0
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/2140bbb0
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/2140bbb0
Branch: refs/heads/4.0
Commit: 2140bbb056f88893f9170fe8963bd89a189b3d6c
Parents: a81d227
Author: Chip Childers <ch...@gmail.com>
Authored: Mon Dec 17 22:59:12 2012 -0500
Committer: Joe Brockmeier <jz...@zonker.net>
Committed: Thu Jan 24 20:54:01 2013 -0600
----------------------------------------------------------------------
utils/src/com/cloud/utils/StringUtils.java | 13 +++-
utils/test/com/cloud/utils/StringUtilsTest.java | 62 ++++++++++++++++--
2 files changed, 65 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/2140bbb0/utils/src/com/cloud/utils/StringUtils.java
----------------------------------------------------------------------
diff --git a/utils/src/com/cloud/utils/StringUtils.java b/utils/src/com/cloud/utils/StringUtils.java
index f0acc23..506cc1b 100644
--- a/utils/src/com/cloud/utils/StringUtils.java
+++ b/utils/src/com/cloud/utils/StringUtils.java
@@ -19,6 +19,7 @@ package com.cloud.utils;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
+import java.util.regex.Pattern;
// StringUtils exists in Apache Commons Lang, but rather than import the entire JAR to our system, for now
// just implement the method needed
@@ -129,13 +130,17 @@ public class StringUtils {
return sb.toString();
}
+ // removes a password request param and it's value
+ private static final Pattern REGEX_PASSWORD_QUERYSTRING = Pattern.compile("&?password=.*?(?=[&'\"])");
+
+ // removes a password property from a response json object
+ private static final Pattern REGEX_PASSWORD_JSON = Pattern.compile("\"password\":\".*?\",?");
+
// Responsible for stripping sensitive content from request and response strings
public static String cleanString(String stringToClean){
String cleanResult = "";
- // removes a password request param and it's value
- cleanResult = stringToClean.replaceAll("password=.*?&", "");
- // removes a password property from a response json object
- cleanResult = cleanResult.replaceAll("\"password\":\".*?\",", "");
+ cleanResult = REGEX_PASSWORD_QUERYSTRING.matcher(stringToClean).replaceAll("");
+ cleanResult = REGEX_PASSWORD_JSON.matcher(cleanResult).replaceAll("");
return cleanResult;
}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/2140bbb0/utils/test/com/cloud/utils/StringUtilsTest.java
----------------------------------------------------------------------
diff --git a/utils/test/com/cloud/utils/StringUtilsTest.java b/utils/test/com/cloud/utils/StringUtilsTest.java
index f25db97..3c162c7 100644
--- a/utils/test/com/cloud/utils/StringUtilsTest.java
+++ b/utils/test/com/cloud/utils/StringUtilsTest.java
@@ -22,15 +22,41 @@ import com.cloud.utils.StringUtils;
public class StringUtilsTest {
@Test
- public void testCleanJsonObject() {
- String input = "{\"description\":\"foo\"}],\"password\":\"bar\",\"nic\":[{\"id\":\"1\"}]}";
- String expected = "{\"description\":\"foo\"}],\"nic\":[{\"id\":\"1\"}]}";
+ public void testCleanPasswordFromJsonObjectAtEnd() {
+ String input = "{\"foo\":\"bar\",\"password\":\"test\"}";
+ //TODO: It would be nice to clean up the regex in question to not
+ //have to return the trailing comma in the expected string below
+ String expected = "{\"foo\":\"bar\",}";
+ String result = StringUtils.cleanString(input);
+ assertEquals(result, expected);
+ }
+
+ @Test
+ public void testCleanPasswordFromJsonObjectInMiddle() {
+ String input = "{\"foo\":\"bar\",\"password\":\"test\",\"test\":\"blah\"}";
+ String expected = "{\"foo\":\"bar\",\"test\":\"blah\"}";
+ String result = StringUtils.cleanString(input);
+ assertEquals(result, expected);
+ }
+
+ @Test
+ public void testCleanPasswordFromJsonObjectAlone() {
+ String input = "{\"password\":\"test\"}";
+ String expected = "{}";
+ String result = StringUtils.cleanString(input);
+ assertEquals(result, expected);
+ }
+
+ @Test
+ public void testCleanPasswordFromJsonObjectAtStart() {
+ String input = "{\"password\":\"test\",\"test\":\"blah\"}";
+ String expected = "{\"test\":\"blah\"}";
String result = StringUtils.cleanString(input);
assertEquals(result, expected);
}
@Test
- public void testCleanJsonObjectWithMultiplePasswords() {
+ public void testCleanPasswordFromJsonObjectWithMultiplePasswords() {
String input = "{\"description\":\"foo\"}],\"password\":\"bar\",\"nic\":[{\"password\":\"bar2\",\"id\":\"1\"}]}";
String expected = "{\"description\":\"foo\"}],\"nic\":[{\"id\":\"1\"}]}";
String result = StringUtils.cleanString(input);
@@ -38,7 +64,7 @@ public class StringUtilsTest {
}
@Test
- public void testCleanRequestObject() {
+ public void testCleanPasswordFromRequestString() {
String input = "username=foo&password=bar&url=foobar";
String expected = "username=foo&url=foobar";
String result = StringUtils.cleanString(input);
@@ -46,11 +72,35 @@ public class StringUtilsTest {
}
@Test
- public void testCleanRequestObjectWithMultiplePasswords() {
+ public void testCleanPasswordFromRequestStringWithMultiplePasswords() {
String input = "username=foo&password=bar&url=foobar&password=bar2&test=4";
String expected = "username=foo&url=foobar&test=4";
String result = StringUtils.cleanString(input);
assertEquals(result, expected);
}
+
+ @Test
+ public void testCleanPasswordFromRequestStringMatchedAtEndSingleQuote() {
+ String input = "'username=foo&password=bar'";
+ String expected = "'username=foo'";
+ String result = StringUtils.cleanString(input);
+ assertEquals(result, expected);
+ }
+
+ @Test
+ public void testCleanPasswordFromRequestStringMatchedAtEndDoubleQuote() {
+ String input = "\"username=foo&password=bar\"";
+ String expected = "\"username=foo\"";
+ String result = StringUtils.cleanString(input);
+ assertEquals(result, expected);
+ }
+
+ @Test
+ public void testCleanPasswordFromRequestStringMatchedAtMiddleDoubleQuote() {
+ String input = "\"username=foo&password=bar&goo=sdf\"";
+ String expected = "\"username=foo&goo=sdf\"";
+ String result = StringUtils.cleanString(input);
+ assertEquals(result, expected);
+ }
}