This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch camel-2.x
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/camel-2.x by this push:
     new 5233404  CAMEL-13153 - Strip newlines from exchange headers
5233404 is described below

commit 5233404e9621d698cc661938ca9eb2037647b563
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Fri Feb 1 17:45:09 2019 +0000

    CAMEL-13153 - Strip newlines from exchange headers
---
 .../java/org/apache/camel/util/StringHelper.java   | 12 +++++
 .../org/apache/camel/util/StringHelperTest.java    | 22 ++++++++
 .../apache/camel/component/mail/MailBinding.java   | 13 +++--
 .../camel/component/mail/MailRecipientsTest.java   | 59 ++++++++++++++++++++++
 4 files changed, 101 insertions(+), 5 deletions(-)

diff --git a/camel-core/src/main/java/org/apache/camel/util/StringHelper.java 
b/camel-core/src/main/java/org/apache/camel/util/StringHelper.java
index 887bd12..02914d7 100644
--- a/camel-core/src/main/java/org/apache/camel/util/StringHelper.java
+++ b/camel-core/src/main/java/org/apache/camel/util/StringHelper.java
@@ -56,6 +56,18 @@ public final class StringHelper {
     }
 
     /**
+     * Remove carriage return and line feeds from a String, replacing them 
with an empty String.
+     * @param s String to be sanitized of carriage return / line feed 
characters
+     * @return sanitized version of <code>s</code>.
+     * @throws NullPointerException if <code>s</code> is <code>null</code>.
+     */
+    public static String removeCRLF(String s) {
+        return s
+            .replaceAll("\r", "")
+            .replaceAll("\n", "");
+    }
+
+    /**
      * Counts the number of times the given char is in the string
      *
      * @param s  the string
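Review bot: `removeCRLF` calls `String.replaceAll`, which treats its first argument as a regular expression on every call even though both patterns are single literal characters. `return s.replace("\r", "").replace("\n", "");` gives the same result without the regex engine. The Javadoc documents a `NullPointerException` for a null argument, so any caller that may hold a null (the `asString` helper in MailBinding passes a type-converter result) needs its own guard. The Javadoc could also say why the method exists, for example `Used to stop CR/LF in untrusted values from starting a new header line.`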
diff --git 
a/camel-core/src/test/java/org/apache/camel/util/StringHelperTest.java 
b/camel-core/src/test/java/org/apache/camel/util/StringHelperTest.java
index d0a87a6..6e85e8a 100644
--- a/camel-core/src/test/java/org/apache/camel/util/StringHelperTest.java
+++ b/camel-core/src/test/java/org/apache/camel/util/StringHelperTest.java
@@ -42,6 +42,28 @@ public class StringHelperTest extends Assert {
     }
 
     @Test
+    public void testSimpleCRLF() {
+        String out = StringHelper.removeCRLF("hello");
+        assertEquals("hello", out);
+        assertTrue("Should not contain : ", !out.contains("\r"));
+        assertTrue("Should not contain : ", !out.contains("\n"));
+
+        out = StringHelper.removeCRLF("hello\r\n");
+        assertEquals("hello", out);
+        assertTrue("Should not contain : ", !out.contains("\r"));
+        assertTrue("Should not contain : ", !out.contains("\n"));
+
+        out = StringHelper.removeCRLF("\r\nhe\r\nllo\n");
+        assertEquals("hello", out);
+        assertTrue("Should not contain : ", !out.contains("\r"));
+        assertTrue("Should not contain : ", !out.contains("\n"));
+
+        out = StringHelper.removeCRLF("hello" + System.lineSeparator());
+        assertEquals("hello", out);
+        assertTrue("Should not contain : ", 
!out.contains(System.lineSeparator()));
+    }
+
+    @Test
     public void testCountChar() {
         assertEquals(0, StringHelper.countChar("Hello World", 'x'));
         assertEquals(1, StringHelper.countChar("Hello World", 'e'));
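Review bot: The `assertTrue("Should not contain : ", !out.contains(...))` checks in `testSimpleCRLF` negate by hand, and their message names no character, so a failure report says nothing. `assertFalse("CR must be removed", out.contains("\r"));` and the matching LF form read more directly. The test also has no case for a lone `\r` inside the string, and none for the null contract that the new Javadoc documents with `@throws NullPointerException`.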
diff --git 
a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailBinding.java
 
b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailBinding.java
index 2a88acd..d50a04c 100644
--- 
a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailBinding.java
+++ 
b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailBinding.java
@@ -398,10 +398,10 @@ public class MailBinding {
                         Iterator<?> iter = 
ObjectHelper.createIterator(headerValue);
                         while (iter.hasNext()) {
                             Object value = iter.next();
-                            mimeMessage.addHeader(headerName, 
asString(exchange, value));
+                            
mimeMessage.addHeader(StringHelper.removeCRLF(headerName), asString(exchange, 
value));
                         }
                     } else {
-                        mimeMessage.setHeader(headerName, asString(exchange, 
headerValue));
+                        
mimeMessage.setHeader(StringHelper.removeCRLF(headerName), asString(exchange, 
headerValue));
                     }
                 }
             }
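Review bot: `StringHelper.removeCRLF(headerName)` is evaluated for every value inside the `while` loop and again in the `else` branch, although the name does not change. Computing it once before the branch, `String safeName = StringHelper.removeCRLF(headerName);`, keeps the sanitised name in one place and makes it harder for a later edit to pass the raw name through. The same applies to the two `appendRecipientToMimeMessage` calls in the next hunk. Stripping is also silent, so a name that contained CR/LF is sent under a concatenated name; logging when the sanitised name differs from the original would make header-injection attempts visible to operators. The enclosing loop begins and ends outside these hunks.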
@@ -418,10 +418,12 @@ public class MailBinding {
                     Iterator<?> iter = 
ObjectHelper.createIterator(headerValue);
                     while (iter.hasNext()) {
                         Object recipient = iter.next();
-                        appendRecipientToMimeMessage(mimeMessage, 
configuration, exchange, headerName, asString(exchange, recipient));
+                        appendRecipientToMimeMessage(mimeMessage, 
configuration, exchange,
+                                                     
StringHelper.removeCRLF(headerName), asString(exchange, recipient));
                     }
                 } else {
-                    appendRecipientToMimeMessage(mimeMessage, configuration, 
exchange, headerName, asString(exchange, headerValue));
+                    appendRecipientToMimeMessage(mimeMessage, configuration, 
exchange,
+                                                 
StringHelper.removeCRLF(headerName), asString(exchange, headerValue));
                 }
             }
         }
@@ -720,7 +722,8 @@ public class MailBinding {
     }
 
     private static String asString(Exchange exchange, Object value) {
-        return 
exchange.getContext().getTypeConverter().convertTo(String.class, exchange, 
value);
+        String strValue = 
exchange.getContext().getTypeConverter().convertTo(String.class, exchange, 
value);
+        return StringHelper.removeCRLF(strValue);
     }
 
     /**
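Review bot: `asString` now hands the converter result straight to `removeCRLF`, which throws `NullPointerException` on null according to its own Javadoc. If `convertTo` returns null for a value it cannot convert, a header that was previously passed on as null would now abort building the message. A guard keeps the earlier behaviour: `return strValue == null ? null : StringHelper.removeCRLF(strValue);`. The hunks above route header and recipient values through this helper, so a short comment here would help the next maintainer, for example `// strip CR/LF so a header value cannot introduce an extra header line`.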
diff --git 
a/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailRecipientsTest.java
 
b/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailRecipientsTest.java
index 0c03c63..490d81e 100644
--- 
a/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailRecipientsTest.java
+++ 
b/components/camel-mail/src/test/java/org/apache/camel/component/mail/MailRecipientsTest.java
@@ -16,7 +16,11 @@
  */
 package org.apache.camel.component.mail;
 
+import java.util.HashMap;
+import java.util.Map;
+
 import javax.mail.Message;
+import javax.mail.internet.InternetAddress;
 
 import org.apache.camel.builder.RouteBuilder;
 import org.apache.camel.test.junit4.CamelTestSupport;
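Review bot: The added `import javax.mail.internet.InternetAddress;` does not appear to be used by any line this commit adds to MailRecipientsTest. The three new tests and the two new routes reference only `Map`, `HashMap`, `Message` and `Mailbox`. If nothing else in the file needs it, drop the import, since an unused import will trip a checkstyle run that enforces that rule.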
@@ -67,6 +71,59 @@ public class MailRecipientsTest extends CamelTestSupport {
         assertEquals("[email protected]", 
msg.getRecipients(Message.RecipientType.BCC)[0].toString());
     }
 
+    @Test
+    public void testHeadersBlocked() throws Exception {
+        Mailbox.clearAll();
+
+        // direct:b blocks all message headers
+        Map<String, Object> headers = new HashMap<>();
+        headers.put("to", "[email protected]");
+        headers.put("cc", "[email protected]");
+
+        template.sendBodyAndHeaders("direct:b", "Hello World", headers);
+
+        Mailbox box = Mailbox.get("[email protected]");
+        Message msg = box.get(0);
+        assertEquals("[email protected]", 
msg.getRecipients(Message.RecipientType.TO)[0].toString());
+        assertEquals("[email protected]", 
msg.getRecipients(Message.RecipientType.TO)[1].toString());
+        assertEquals("[email protected]", 
msg.getRecipients(Message.RecipientType.CC)[0].toString());
+    }
+
+    @Test
+    public void testSpecificHeaderBlocked() throws Exception {
+        Mailbox.clearAll();
+
+        // direct:c blocks the "cc" message header - so only "to" will be used 
here
+        Map<String, Object> headers = new HashMap<>();
+        headers.put("to", "[email protected]");
+        headers.put("cc", "[email protected]");
+
+        template.sendBodyAndHeaders("direct:c", "Hello World", headers);
+
+        Mailbox box = Mailbox.get("[email protected]");
+        Message msg = box.get(0);
+        assertEquals("[email protected]", 
msg.getRecipients(Message.RecipientType.TO)[0].toString());
+        assertNull(msg.getRecipients(Message.RecipientType.CC));
+        // TODO assertEquals("[email protected]", 
msg.getRecipients(Message.RecipientType.CC)[0].toString());
+    }
+
+    @Test
+    public void testSpecificHeaderBlockedInjection() throws Exception {
+        Mailbox.clearAll();
+
+        // direct:c blocks the "cc" message header - but we are trying to 
inject cc in via another header
+        Map<String, Object> headers = new HashMap<>();
+        headers.put("blah", "somevalue\r\ncc: [email protected]");
+
+        template.sendBodyAndHeaders("direct:c", "Hello World", headers);
+
+        Mailbox box = Mailbox.get("[email protected]");
+        Message msg = box.get(0);
+        assertEquals("[email protected]", 
msg.getRecipients(Message.RecipientType.TO)[0].toString());
+        assertEquals(1, msg.getRecipients(Message.RecipientType.CC).length);
+        assertEquals("[email protected]", 
msg.getRecipients(Message.RecipientType.CC)[0].toString());
+    }
+
     protected RouteBuilder createRouteBuilder() throws Exception {
         return new RouteBuilder() {
             public void configure() throws Exception {
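Review bot: `testSpecificHeaderBlockedInjection` checks only the TO and CC recipient lists, so it never asserts that the `blah` header itself arrives on a single line. A direct check such as `assertFalse(msg.getHeader("blah")[0].contains("\n"));`, with the same for `\r`, would pin the sanitising behaviour instead of inferring it from the recipients. `testSpecificHeaderBlocked` also leaves a commented-out `// TODO assertEquals(...)` next to `assertNull(msg.getRecipients(Message.RecipientType.CC))`. That TODO should either be resolved or replaced by a comment saying which of the two outcomes is intended. `createRouteBuilder` continues past the end of this hunk.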
@@ -78,6 +135,8 @@ public class MailRecipientsTest extends CamelTestSupport {
                 String recipients = 
"&[email protected],[email protected]&[email protected]&[email protected]";
 
                 
from("direct:a").to("smtp://[email protected]?password=secret&[email protected]"
 + recipients);
+                
from("direct:b").removeHeaders("*").to("smtp://[email protected]?password=secret&[email protected]"
 + recipients);
+                
from("direct:c").removeHeaders("cc").to("smtp://[email protected]?password=secret&[email protected]"
 + recipients);
                 // END SNIPPET: e1
             }
         };
