You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2020/02/17 18:35:23 UTC
[cxf] branch 3.3.x-fixes updated (c275d73 -> 9ad3799)
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a change to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git.
from c275d73 Recording .gitmergeinfo Changes
new 1bf982f Update Velocity version to 2.2
new 9987ba3 Log error in the AllowAllHostnameVerifier
new 97c854b Cxf 8208 - Handle exceptions when looking up swagger ui resources (#637)
new f18b1bc Recording .gitmergeinfo Changes
new 9ad3799 Recording .gitmergeinfo Changes
The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.gitmergeinfo | 11 +++++++
parent/pom.xml | 2 +-
rt/rs/description-swagger-ui/pom.xml | 5 ++++
.../jaxrs/swagger/ui/SwaggerUiResourceLocator.java | 8 ++++-
.../swagger/ui/SwaggerUIResourceLocatorTest.java | 35 +++++++++++-----------
.../transport/https/AllowAllHostnameVerifier.java | 9 ++++++
6 files changed, 51 insertions(+), 19 deletions(-)
copy systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServerSpring.java => rt/rs/description-swagger-ui/src/test/java/org/apache/cxf/jaxrs/swagger/ui/SwaggerUIResourceLocatorTest.java (55%)
[cxf] 03/05: Cxf 8208 - Handle exceptions when looking up swagger
ui resources (#637)
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 97c854bbe30a77b4925704f59b187158054296bf
Author: Nate Chadwick <na...@gmail.com>
AuthorDate: Mon Feb 17 12:40:59 2020 -0500
Cxf 8208 - Handle exceptions when looking up swagger ui resources (#637)
* Fix condition where swaggerui resource would fail requests with special
characters. add test CXF-8208
* CXF-8208 add junit, fix exception handler
* Specify IllegalArgumentException
* Remove try catch - add expected.
* Update SwaggerUiResourceLocator.java
Removed unneeded import.
* Update SwaggerUIResourceLocatorTest.java
Co-authored-by: Colm O hEigeartaigh <co...@users.noreply.github.com>
(cherry picked from commit 2a6b7327c584b6394a795c26c9cb7897900dcf63)
---
rt/rs/description-swagger-ui/pom.xml | 5 +++
.../jaxrs/swagger/ui/SwaggerUiResourceLocator.java | 8 +++-
.../swagger/ui/SwaggerUIResourceLocatorTest.java | 43 ++++++++++++++++++++++
3 files changed, 55 insertions(+), 1 deletion(-)
diff --git a/rt/rs/description-swagger-ui/pom.xml b/rt/rs/description-swagger-ui/pom.xml
index 62226e5..cb2ea9d 100644
--- a/rt/rs/description-swagger-ui/pom.xml
+++ b/rt/rs/description-swagger-ui/pom.xml
@@ -55,5 +55,10 @@
<scope>provided</scope>
<optional>true</optional>
</dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
</dependencies>
</project>
diff --git a/rt/rs/description-swagger-ui/src/main/java/org/apache/cxf/jaxrs/swagger/ui/SwaggerUiResourceLocator.java b/rt/rs/description-swagger-ui/src/main/java/org/apache/cxf/jaxrs/swagger/ui/SwaggerUiResourceLocator.java
index 45da62d..6c396dd 100644
--- a/rt/rs/description-swagger-ui/src/main/java/org/apache/cxf/jaxrs/swagger/ui/SwaggerUiResourceLocator.java
+++ b/rt/rs/description-swagger-ui/src/main/java/org/apache/cxf/jaxrs/swagger/ui/SwaggerUiResourceLocator.java
@@ -50,8 +50,14 @@ public class SwaggerUiResourceLocator {
if (resourcePath.startsWith("/")) {
resourcePath = resourcePath.substring(1);
}
+ URL ret;
- return URI.create(swaggerUiRoot + resourcePath).toURL();
+ try {
+ ret = URI.create(swaggerUiRoot + resourcePath).toURL();
+ } catch (IllegalArgumentException ex) {
+ throw new MalformedURLException(ex.getMessage());
+ }
+ return ret;
}
/**
diff --git a/rt/rs/description-swagger-ui/src/test/java/org/apache/cxf/jaxrs/swagger/ui/SwaggerUIResourceLocatorTest.java b/rt/rs/description-swagger-ui/src/test/java/org/apache/cxf/jaxrs/swagger/ui/SwaggerUIResourceLocatorTest.java
new file mode 100644
index 0000000..198127e
--- /dev/null
+++ b/rt/rs/description-swagger-ui/src/test/java/org/apache/cxf/jaxrs/swagger/ui/SwaggerUIResourceLocatorTest.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.jaxrs.swagger.ui;
+
+import java.net.MalformedURLException;
+
+import org.junit.Test;
+
+
+
+public class SwaggerUIResourceLocatorTest {
+
+ @Test(expected = MalformedURLException.class)
+ public void testLocateWithBadCharactersInUrl() throws MalformedURLException {
+ String url =
+ "jar:file:/Volumes/bigdrive/test157/jetty/base/webapps/"
+ + "Rhythmyx/WEB-INF/lib/swagger-ui-2.2.10-1.jar!/META-INF/resources/"
+ + "webjars/swagger-ui/2.2.10-1/assets/by-path//Assets/uploads/"
+ + "Screen Shot 2020-02-05 at 10.50.53 AM.png";
+
+ SwaggerUiResourceLocator locator = new SwaggerUiResourceLocator("/");
+
+ locator.locate(url);
+
+ }
+}
[cxf] 05/05: Recording .gitmergeinfo Changes
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 9ad3799645e1faeb82c4a0c361a1febd5dd0246a
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Feb 17 17:47:48 2020 +0000
Recording .gitmergeinfo Changes
---
.gitmergeinfo | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.gitmergeinfo b/.gitmergeinfo
index e28c1cb..aa81723 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -2,6 +2,7 @@ origin/master
B 00a83132af1d549508159d503aa6b171c8607341
B 08164e1f0e07c222ae45d320973401833df6ab9c
+B 0b7580839ddcd7879aa3f14576ea959a1aa872bc
B 0c7ab097483a2a30844cae32e6532f1028afc17e
B 0c81f1b0de1ca78933c145479dfefa81c98dbd09
B 0deb502385473af355a96c20eea624a812addcd2
@@ -48,6 +49,7 @@ B 48706603e30f076362ffd4f87b5d36b6ef83dbf5
B 49d34cf3a1583932779d39766b055bf49359da53
B 4b1c1cb13fe6fa05eb27c6ad7a3393d1c3ec1ec1
B 4ba8ca20314da9a581f1e9a17cec5f14a210f55f
+B 4bae9bec5790652c8d91fab66510ae7395c1f32f
B 4c39a21a06edc779a91d5dc86cf85257d7a7d5d4
B 4d46618c17cb5c1386d493c75faf0f89dbece267
B 4e981b1f5bb19bc85e3b92e325216148ef043e8c
[cxf] 04/05: Recording .gitmergeinfo Changes
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit f18b1bc03a985b94d6f3cad0f0fbd01bd34ba82a
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Feb 17 17:47:34 2020 +0000
Recording .gitmergeinfo Changes
---
.gitmergeinfo | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/.gitmergeinfo b/.gitmergeinfo
index 93a6511..e28c1cb 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -11,6 +11,7 @@ B 119b68779316174145b168fc538f1747e06a51ee
B 11de1e0dfff9a8f9b157e23983c8e25f8503f868
B 1279837f4879cb5446ae402cec432010455151fa
B 129a02d671c9aa0bcbb3be1ffd732d7937583667
+B 12b0c595a03e0fed09fbc2d4ee37e0ee15fe4432
B 1448dd059193dac0a975520707ae98b1fe3a7e18
B 16c1d31b17b310d32d24676d3aca9c2b80c866ee
B 180fbbbd5571840b5f7a09ab7c0ce59605edd346
@@ -62,6 +63,7 @@ B 67715076cb7d245aaf2d3a2442a40349d354e323
B 6d59a806aca3cd81e7e86df401afd771274c3141
B 6dd6377021ac0b9b586a0c579c3adfd6950936c8
B 6fbaddee67676f9840405bd49cb7d6e08a81bd23
+B 707e2376a798a65ed2f71c34d9f351d481396381
B 71b0cee7b2148af88c005cccd4c46f64ffbf62dd
B 723bb16431f1f03ed600c1b0c39049cb55c105d0
B 75bd4e800746b9f483146e4d15ffef3ad4f934cf
@@ -87,7 +89,9 @@ B 9c48667915c34d2e8960d9f11be5b6b7d824ff24
B 9d97e0d5b7f4e0ed3ebf531b389b38f6f3c111ed
B 9fd3ec99d73449779915279cd8bdabe484c29fda
B a276fd2cfd6e78326cda060779d9d8568e796313
+B a44960c899ed754f2192fcc62b4320b6bbb4b184
B a50d2d81dd7d620061ac21b6df7943ad5c6c92cc
+B a5aeebd9835ce93c2c61fdbdeb614682d4437057
B a69f0444081047e2bbae9e9b8f180d490d417f8a
B a842a33554e8d26b4a42dc1e1734fc9dc0a21067
B ab3df13b8d15aa36365eb2e10b5961d17330d9a2
@@ -105,16 +109,20 @@ B d4d4b1e740a48103811e33094adb19d5c22ca108
B da4dfeed6867ed628dc05c9a2dbedbebdf33db21
B de03dfae71010bd3719430d8d7453732f4c151ea
B de393404c3c2e6b0f2d93f11f5fef0c53385d57d
+B de494a4f2bd3f2a99a7ddf57213bec3afe2b8300
B e68d173f7d3ca15603a8f9eff9c8b39783207f70
B e6d432be93022b5b4ac1998a546d0652861fdff3
+B e75756033fcb6f393fc725d13a5241c462add1d9
B ef7f9b1d16ec71ea1186701e20818607ce7d2bba
B eff15d982722111d5da87591bd115cefefe944df
B f0a556673f0a999dcdf5d9882a86a48120240594
B f0ad8c3079c37c7f1b9eaf0be0ee42ff5ddf5325
B f1f26101d421e30560b6da5f125852708774718b
B f54062eb331fcf35d9f3a840f532417fccbb2673
+B f965e4917e440327abeb067c6d24ce9292f77f23
B f9c95c5d87a7b948896d8288d2009e03c6313eb7
B f9f5d45bbe302697224128d78e8b698928a7514d
+B fa49de63402275f87d22bd0251c46f4a299d0b4f
B fab7fc9e2dfbe32cc9988b16f2aa03e4bfff28e3
B fcd22cd026bc94a95fa19210df193df753afe4d1
M 09ddfdeaef6f32537dba23fa6d7ef36992b3217b
@@ -141,6 +149,7 @@ M 6b7e50b87d74dc6b7d1e830b373c7e30c04e14a2
M 79466c55a2a1191df9c28a02568b82a8c3d08fbd
M 7b50181ebc445bb84d3463b284643432399bc0f8
M 7ef814556d727c147d6f625cbb1170edfd24a752
+M 92a00fc05e2437d2d0cf98099060ba4e1f6dac99
M 95c3c37092751b1d00b6f2c26642f18ebcbba878
M 9c462e9bd614d529f0a2fd86490243ea1c858651
M a4fc3a0462f09dd6c6c920385b67e621d7e36399
[cxf] 02/05: Log error in the AllowAllHostnameVerifier
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 9987ba3645d65d119b45913e83bf34deab7909f6
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Feb 17 17:37:14 2020 +0000
Log error in the AllowAllHostnameVerifier
(cherry picked from commit 7934eff013f36b1156ab117f6e2f87343b93abee)
---
.../org/apache/cxf/transport/https/AllowAllHostnameVerifier.java | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/AllowAllHostnameVerifier.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/AllowAllHostnameVerifier.java
index 5fb26ed..bde0d14 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/AllowAllHostnameVerifier.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/AllowAllHostnameVerifier.java
@@ -21,21 +21,30 @@ package org.apache.cxf.transport.https;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
+import java.util.logging.Level;
+import java.util.logging.Logger;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
+import org.apache.cxf.common.logging.LogUtils;
+
/**
* Allow all hostnames. This is only suitable for use in testing, and NOT in production!
*/
class AllowAllHostnameVerifier implements javax.net.ssl.HostnameVerifier {
+ private static final Logger LOG = LogUtils.getL7dLogger(AllowAllHostnameVerifier.class);
+
@Override
public boolean verify(String host, SSLSession session) {
try {
Certificate[] certs = session.getPeerCertificates();
return certs != null && certs[0] instanceof X509Certificate;
} catch (SSLException e) {
+ if (LOG.isLoggable(Level.FINE)) {
+ LOG.log(Level.FINE, e.getMessage(), e);
+ }
throw new RuntimeException("HostnameVerifier, socket reset for TTL");
}
}
[cxf] 01/05: Update Velocity version to 2.2
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 1bf982f9d91bd112a6266a0783408193eca0e64c
Author: Dennis Kieselhorst <de...@apache.org>
AuthorDate: Mon Feb 3 21:55:41 2020 +0100
Update Velocity version to 2.2
(cherry picked from commit 92a00fc05e2437d2d0cf98099060ba4e1f6dac99)
---
parent/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/parent/pom.xml b/parent/pom.xml
index 03d2f4f..b035441 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -211,7 +211,7 @@
with a qualifier. We do want a range. -->
<cxf.validation.api.package.version>[1.0.0,2)</cxf.validation.api.package.version>
<cxf.validation.api.version>1.1.0.Final</cxf.validation.api.version>
- <cxf.velocity.version>2.1</cxf.velocity.version>
+ <cxf.velocity.version>2.2</cxf.velocity.version>
<cxf.wiremock.version>2.23.2</cxf.wiremock.version>
<cxf.woodstox.core.version>5.0.3</cxf.woodstox.core.version>
<cxf.woodstox.stax2-api.version>3.1.4</cxf.woodstox.stax2-api.version>