You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by co...@apache.org on 2019/02/05 11:29:01 UTC
[camel] branch camel-2.x updated: CAMEL-13153 - Strip newlines from
exchange headers
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch camel-2.x
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-2.x by this push:
new 5233404 CAMEL-13153 - Strip newlines from exchange headers
5233404 is described below
commit 5233404e9621d698cc661938ca9eb2037647b563
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Fri Feb 1 17:45:09 2019 +0000
CAMEL-13153 - Strip newlines from exchange headers
---
.../java/org/apache/camel/util/StringHelper.java | 12 +++++
.../org/apache/camel/util/StringHelperTest.java | 22 ++++++++
.../apache/camel/component/mail/MailBinding.java | 13 +++--
.../camel/component/mail/MailRecipientsTest.java | 59 ++++++++++++++++++++++
4 files changed, 101 insertions(+), 5 deletions(-)
diff --git a/camel-core/src/main/java/org/apache/camel/util/StringHelper.java b/camel-core/src/main/java/org/apache/camel/util/StringHelper.java
index 887bd12..02914d7 100644
--- a/camel-core/src/main/java/org/apache/camel/util/StringHelper.java
+++ b/camel-core/src/main/java/org/apache/camel/util/StringHelper.java
@@ -56,6 +56,18 @@ public final class StringHelper {
}
/**
+ * Remove carriage return and line feeds from a String, replacing them with an empty String.
+ * @param s String to be sanitized of carriage return / line feed characters
+ * @return sanitized version of <code>s</code>.
+ * @throws NullPointerException if <code>s</code> is <code>null</code>.
+ */
+ public static String removeCRLF(String s) {
+ return s
+ .replaceAll("\r", "")
+ .replaceAll("\n", "");
+ }
+
+ /**
* Counts the number of times the given char is in the string
*
* @param s the string
diff --git a/camel-core/src/test/java/org/apache/camel/util/StringHelperTest.java b/camel-core/src/test/java/org/apache/camel/util/StringHelperTest.java
index d0a87a6..6e85e8a 100644
--- a/camel-core/src/test/java/org/apache/camel/util/StringHelperTest.java
+++ b/camel-core/src/test/java/org/apache/camel/util/StringHelperTest.java
@@ -42,6 +42,28 @@ public class StringHelperTest extends Assert {
}
@Test
+ public void testSimpleCRLF() {
+ String out = StringHelper.removeCRLF("hello");
+ assertEquals("hello", out);
+ assertTrue("Should not contain : ", !out.contains("\r"));
+ assertTrue("Should not contain : ", !out.contains("\n"));
+
+ out = StringHelper.removeCRLF("hello\r\n");
+ assertEquals("hello", out);
+ assertTrue("Should not contain : ", !out.contains("\r"));
+ assertTrue("Should not contain : ", !out.contains("\n"));
+
+ out = StringHelper.removeCRLF("\r\nhe\r\nllo\n");
+ assertEquals("hello", out);
+ assertTrue("Should not contain : ", !out.contains("\r"));
+ assertTrue("Should not contain : ", !out.contains("\n"));
+
+ out = StringHelper.removeCRLF("hello" + System.lineSeparator());
+ assertEquals("hello", out);
+ assertTrue("Should not contain : ", !out.contains(System.lineSeparator()));
+ }
+
+ @Test
public void testCountChar() {
assertEquals(0, StringHelper.countChar("Hello World", 'x'));
assertEquals(1, StringHelper.countChar("Hello World", 'e'));
diff --git a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailBinding.java b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailBinding.java
index 2a88acd..d50a04c 100644
--- a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailBinding.java
+++ b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailBinding.java
@@ -398,10 +398,10 @@ public class MailBinding {
Iterator<?> iter = ObjectHelper.createIterator(headerValue);
while (iter.hasNext()) {
Object value = iter.next();
- mimeMessage.addHeader(headerName, asString(exchange, value));
+ mimeMessage.addHeader(StringHelper.removeCRLF(headerName), asString(exchange, value));
}
} else {
- mimeMessage.setHeader(headerName, asString(exchange, headerValue));
+ mimeMessage.setHeader(StringHelper.removeCRLF(headerName), asString(exchange, headerValue));
}
}
}
@@ -418,10 +418,12 @@ public class MailBinding {
Iterator<?> iter = ObjectHelper.createIterator(headerValue);
while (iter.hasNext()) {
Object recipient = iter.next();
- appendRecipientToMimeMessage(mimeMessage, configuration, exchange, headerName, asString(exchange, recipient));
+ appendRecipientToMimeMessage(mimeMessage, configuration, exchange,
+ StringHelper.removeCRLF(headerName), asString(exchange, recipient));
}
} else {
- appendRecipientToMimeMessage(mimeMessage, configuration, exchange, headerName, asString(exchange, headerValue));
+ appendRecipientToMimeMessage(mimeMessage, configuration, exchange,
+ StringHelper.removeCRLF(headerName), asString(exchange, headerValue));
}
}
}
@@ -720,7 +722,8 @@ public class MailBinding {
}
private static String asString(Exchange exchange, Object value) {
- return exchange.getContext().getTypeConverter().convertTo(String.class, exchange, value);
+ String strValue = exchange.getContext().getTypeConverter().convertTo(String.class, exchange, value);
+ return StringHelper.removeCRLF(strValue);
}
/**
diff --git a/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailRecipientsTest.java b/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailRecipientsTest.java
index 0c03c63..490d81e 100644
--- a/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailRecipientsTest.java
+++ b/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailRecipientsTest.java
@@ -16,7 +16,11 @@
*/
package org.apache.camel.component.mail;
+import java.util.HashMap;
+import java.util.Map;
+
import javax.mail.Message;
+import javax.mail.internet.InternetAddress;
import org.apache.camel.builder.RouteBuilder;
import org.apache.camel.test.junit4.CamelTestSupport;
@@ -67,6 +71,59 @@ public class MailRecipientsTest extends CamelTestSupport {
assertEquals("someone@somewhere.org", msg.getRecipients(Message.RecipientType.BCC)[0].toString());
}
+ @Test
+ public void testHeadersBlocked() throws Exception {
+ Mailbox.clearAll();
+
+ // direct:b blocks all message headers
+ Map<String, Object> headers = new HashMap<>();
+ headers.put("to", "to@riders.org");
+ headers.put("cc", "header@riders.org");
+
+ template.sendBodyAndHeaders("direct:b", "Hello World", headers);
+
+ Mailbox box = Mailbox.get("camel@riders.org");
+ Message msg = box.get(0);
+ assertEquals("camel@riders.org", msg.getRecipients(Message.RecipientType.TO)[0].toString());
+ assertEquals("easy@riders.org", msg.getRecipients(Message.RecipientType.TO)[1].toString());
+ assertEquals("me@you.org", msg.getRecipients(Message.RecipientType.CC)[0].toString());
+ }
+
+ @Test
+ public void testSpecificHeaderBlocked() throws Exception {
+ Mailbox.clearAll();
+
+ // direct:c blocks the "cc" message header - so only "to" will be used here
+ Map<String, Object> headers = new HashMap<>();
+ headers.put("to", "to@riders.org");
+ headers.put("cc", "header@riders.org");
+
+ template.sendBodyAndHeaders("direct:c", "Hello World", headers);
+
+ Mailbox box = Mailbox.get("to@riders.org");
+ Message msg = box.get(0);
+ assertEquals("to@riders.org", msg.getRecipients(Message.RecipientType.TO)[0].toString());
+ assertNull(msg.getRecipients(Message.RecipientType.CC));
+ // TODO assertEquals("me@you.org", msg.getRecipients(Message.RecipientType.CC)[0].toString());
+ }
+
+ @Test
+ public void testSpecificHeaderBlockedInjection() throws Exception {
+ Mailbox.clearAll();
+
+ // direct:c blocks the "cc" message header - but we are trying to inject cc in via another header
+ Map<String, Object> headers = new HashMap<>();
+ headers.put("blah", "somevalue\r\ncc: injected@riders.org");
+
+ template.sendBodyAndHeaders("direct:c", "Hello World", headers);
+
+ Mailbox box = Mailbox.get("camel@riders.org");
+ Message msg = box.get(0);
+ assertEquals("camel@riders.org", msg.getRecipients(Message.RecipientType.TO)[0].toString());
+ assertEquals(1, msg.getRecipients(Message.RecipientType.CC).length);
+ assertEquals("me@you.org", msg.getRecipients(Message.RecipientType.CC)[0].toString());
+ }
+
protected RouteBuilder createRouteBuilder() throws Exception {
return new RouteBuilder() {
public void configure() throws Exception {
@@ -78,6 +135,8 @@ public class MailRecipientsTest extends CamelTestSupport {
String recipients = "&to=camel@riders.org,easy@riders.org&cc=me@you.org&bcc=someone@somewhere.org";
from("direct:a").to("smtp://you@mymailserver.com?password=secret&from=you@apache.org" + recipients);
+ from("direct:b").removeHeaders("*").to("smtp://you@mymailserver.com?password=secret&from=you@apache.org" + recipients);
+ from("direct:c").removeHeaders("cc").to("smtp://you@mymailserver.com?password=secret&from=you@apache.org" + recipients);
// END SNIPPET: e1
}
};