You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@shindig.apache.org by "Marshall Shi (JIRA)" <ji...@apache.org> on 2012/12/10 08:29:21 UTC

[jira] [Created] (SHINDIG-1889) host name check is case sensitive in locked domain service

Marshall Shi created SHINDIG-1889:
-------------------------------------

             Summary: host name check is case sensitive in locked domain service
                 Key: SHINDIG-1889
                 URL: https://issues.apache.org/jira/browse/SHINDIG-1889
             Project: Shindig
          Issue Type: Bug
          Components: Java
    Affects Versions: 2.5.0-beta5
            Reporter: Marshall Shi
             Fix For: 2.5.0-beta5


The host name check is case sensitive in locked domain service.
org.apache.shindig.gadgets.HashLockedDomainService

  @Override
  public boolean isGadgetValidForHost(String host, Gadget gadget, String container) {
    container = getContainer(container);
    if (isEnabled()) {
      if (isGadgetReqestingLocking(gadget) || isHostUsingLockedDomain(host)
              || isDomainLockingEnforced(container)) {
        String neededHost;
        try {
          neededHost = getLockedDomain(gadget, container);
        } catch (GadgetException e) {
          if (LOG.isLoggable(Level.WARNING)) {
            LOG.log(Level.WARNING, "Invalid host for call.", e);
          }
          return false;
        }
        return host.equals(neededHost);
      }
    }
    return true;
  }

According to URL spec:
http://www.ietf.org/rfc/rfc3986.txt
Section 3.2.2.
Proposed fix is to replace equals with equalsIgnoreCase.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira