You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by jd...@apache.org on 2008/12/21 10:16:27 UTC
svn commit: r728407 - in /wicket/trunk/wicket/src:
main/java/org/apache/wicket/validation/validator/UrlValidator.java
test/java/org/apache/wicket/validation/validator/UrlValidatorTest.java
Author: jdonnerstag
Date: Sun Dec 21 01:16:27 2008
New Revision: 728407
URL: http://svn.apache.org/viewvc?rev=728407&view=rev
Log:
wicket-1850 fixed: UrlValidator disallow http://user:password@host:port/path urls
Modified:
wicket/trunk/wicket/src/main/java/org/apache/wicket/validation/validator/UrlValidator.java
wicket/trunk/wicket/src/test/java/org/apache/wicket/validation/validator/UrlValidatorTest.java
Modified: wicket/trunk/wicket/src/main/java/org/apache/wicket/validation/validator/UrlValidator.java
URL: http://svn.apache.org/viewvc/wicket/trunk/wicket/src/main/java/org/apache/wicket/validation/validator/UrlValidator.java?rev=728407&r1=728406&r2=728407&view=diff
==============================================================================
--- wicket/trunk/wicket/src/main/java/org/apache/wicket/validation/validator/UrlValidator.java (original)
+++ wicket/trunk/wicket/src/main/java/org/apache/wicket/validation/validator/UrlValidator.java Sun Dec 21 01:16:27 2008
@@ -91,22 +91,14 @@
* This expression derived/taken from the BNF for URI (RFC2396).
*/
private static final String URL_PATTERN = "^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?";
- // 12 3 4 5 6 7 8 9
/**
* Schema / Protocol (<code>http:</code>, <code>ftp:</code>, <code>file:</code>, etc).
*/
private static final int PARSE_URL_SCHEME = 2;
-
- /**
- * Includes hostname / ip and port number.
- */
- private static final int PARSE_URL_AUTHORITY = 4;
-
+ private static final int PARSE_URL_AUTHORITY = 4; // Includes hostname / ip and port number.
private static final int PARSE_URL_PATH = 5;
-
private static final int PARSE_URL_QUERY = 7;
-
private static final int PARSE_URL_FRAGMENT = 9;
/**
@@ -114,17 +106,14 @@
*/
private static final String SCHEME_PATTERN = "^[" + SCHEME_CHARS + "].*$";
- private static final String AUTHORITY_PATTERN = "^([" + AUTHORITY_CHARS + "]*)(:\\d*)?(.*)?";
- // 1 2 3 4
+ private static final String AUTHORITY_PATTERN = "^(.+(:.*)?@)?([" + AUTHORITY_CHARS +
+ "]*)(:\\d*)?(.*)?";
- private static final int PARSE_AUTHORITY_HOST_IP = 1;
-
- private static final int PARSE_AUTHORITY_PORT = 2;
-
- /**
- * Should always be empty.
- */
- private static final int PARSE_AUTHORITY_EXTRA = 3;
+ private static final int PARSE_AUTHORITY_USER = 1;
+ private static final int PARSE_AUTHORITY_PASSWORD = 2;
+ private static final int PARSE_AUTHORITY_HOST_IP = 3;
+ private static final int PARSE_AUTHORITY_PORT = 4;
+ private static final int PARSE_AUTHORITY_EXTRA = 5; // Should always be empty.
private static final String PATH_PATTERN = "^(/[-\\w:@&?=+,.!/~*'%$_;]*)?$";
@@ -348,7 +337,6 @@
}
Matcher authorityMatcher = Pattern.compile(AUTHORITY_PATTERN).matcher(authority);
-
if (!authorityMatcher.matches())
{
return false;
Modified: wicket/trunk/wicket/src/test/java/org/apache/wicket/validation/validator/UrlValidatorTest.java
URL: http://svn.apache.org/viewvc/wicket/trunk/wicket/src/test/java/org/apache/wicket/validation/validator/UrlValidatorTest.java?rev=728407&r1=728406&r2=728407&view=diff
==============================================================================
--- wicket/trunk/wicket/src/test/java/org/apache/wicket/validation/validator/UrlValidatorTest.java (original)
+++ wicket/trunk/wicket/src/test/java/org/apache/wicket/validation/validator/UrlValidatorTest.java Sun Dec 21 01:16:27 2008
@@ -206,6 +206,16 @@
}
/**
+ * test
+ */
+ public void testValidator206()
+ {
+ UrlValidator urlVal = new UrlValidator(null, UrlValidator.ALLOW_ALL_SCHEMES);
+ assertTrue(urlVal.isValid("http://user@host:80/path"));
+ assertTrue(urlVal.isValid("http://user:password@host:80/path"));
+ }
+
+ /**
*
* @param testPartsIndex
* @param testParts