Author: peter_firmstone Date: Wed Jul 11 20:58:02 2012 New Revision: 1360396
URL: http://svn.apache.org/viewvc?rev=1360396&view=rev Log: Windows platforms have issues with file name paths, illegal characters need to be escaped, this requires further work, not as simple as I originally thought. This is for testing on hudson Added: river/jtsk/trunk/src/org/apache/river/api/security/UriString.java river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java Modified: river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java Modified: river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java URL: http://svn.apache.org/viewvc/river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java?rev=1360396&r1=1360395&r2=1360396&view=diff ============================================================================== --- river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java (original) +++ river/jtsk/trunk/src/org/apache/river/api/security/DefaultPolicyParser.java Wed Jul 11 20:58:02 2012 @@ -204,13 +204,13 @@ class DefaultPolicyParser implements Pol Collection<String> cbstr = expandURLs(cb, system); Iterator<String> it = cbstr.iterator(); while (it.hasNext()){ - codebases.add(new URI(it.next())); + codebases.add(new URI(UriString.escapeIllegalCharacters(it.next()))); } } catch (ExpansionFailedException e) { - codebases.add(new URI(cb)); + codebases.add(new URI(UriString.escapeIllegalCharacters(cb))); } } else { - codebases.add(new URI(cb)); + codebases.add(new URI(UriString.escapeIllegalCharacters(cb))); } } if ( signerString != null) { Added: river/jtsk/trunk/src/org/apache/river/api/security/UriString.java URL: http://svn.apache.org/viewvc/river/jtsk/trunk/src/org/apache/river/api/security/UriString.java?rev=1360396&view=auto ============================================================================== --- river/jtsk/trunk/src/org/apache/river/api/security/UriString.java (added) +++ river/jtsk/trunk/src/org/apache/river/api/security/UriString.java Wed Jul 11 20:58:02 2012 @@ -0,0 +1,104 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.river.api.security; + +import java.util.Arrays; +import java.util.Collection; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; + +/** + * + * @author Peter Firmstone. + */ +class UriString { + + private final static Map<Character,String> escaped = new HashMap<Character,String>(); + + + // Allowed + private static char [] lowalpha = "abcdefghijklmnopqrstuvwxyz".toCharArray(); + private static char [] upalpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZ".toCharArray(); + private static char [] reserved = {';','/','?',':','@','&','=','+','$',','}; + private static char [] mark = "-_.!~*'()".toCharArray(); + private static char escape = '%'; + private static char fragment = '#'; + // Excluded + private static Character [] control = { + '\u0000','\u0001','\u0002','\u0003','\u0004','\u0005','\u0006','\u0007', + '\u0008','\u0009','\n', '\u000B','\u000C','\r', '\u000E','\u000F', + '\u0010','\u0011','\u0012','\u0013','\u0014','\u0015','\u0016','\u0017', + '\u0018','\u0019','\u001A','\u001B','\u001C','\u001D','\u001E','\u001F', + '\u007F' + }; + private static String [] contEsc = { + "%00", "%01", "%02", "%03", "%04", "%05", "%06", "%07", + "%08", "%09", "%0A", "%0B", "%0C", "%0D", "%0E", "%0F", + "%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17", + "%18", "%19", "%1A", "%1B", "%1C", "%1D", "%1E", "%1F", + "%7F" + }; + private static Character space = '\u0020'; + private static String spaceEsc = "%20"; + // Excluded because they are often used as delimiters around URI + private static Character [] delims = {'<','>','"'}; + private static String [] delimEsc = {"%3C", "%3E", "%22"}; + // Excluded because gateways and other transport agents are known + // to sometimes modify such characters, or they are used as delimiters. + private static Character [] unwise = {'{','}','|','\\','^','[',']','`'}; + private static String [] unwiseEsc = {"%7B", "%7D", "%7C", "%5C", + "%53", "%5B", "%5D", "%60"}; + + + static { + escapes(control, contEsc); + escaped.put(space, spaceEsc); + escapes(delims, delimEsc); + escapes(unwise, unwiseEsc); + } + + static void escapes(Character [] unicode, String[] escape){ + int l = unicode.length; + if (l != escape.length) throw new IllegalArgumentException("unequal arrays"); + for (int i = 0; i < l; i++){ + escaped.put(unicode[i], escape[i]); + } + } + + static String escapeIllegalCharacters(String url){ + char [] u = url.toCharArray(); + int l = u.length; +// for (int i = 0; i < l; i++){ +// // Don't escape if already escaped. +// if (u[i] == escape) return url; +// } + StringBuilder sb = new StringBuilder(); + for (int i=0; i<l; i++){ + Character c = Character.valueOf(u[i]); + if (escaped.keySet().contains(c)){ + sb.append(escaped.get(c)); + } else { + sb.append(c); + } + } + return sb.toString(); + } + +} + Added: river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java URL: http://svn.apache.org/viewvc/river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java?rev=1360396&view=auto ============================================================================== --- river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java (added) +++ river/jtsk/trunk/test/src/org/apache/river/api/security/UriStringTest.java Wed Jul 11 20:58:02 2012 @@ -0,0 +1,50 @@ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. + */ +package org.apache.river.api.security; + +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import static org.junit.Assert.*; + +/** + * + * @author peter + */ +public class UriStringTest { + + public UriStringTest() { + } + + @BeforeClass + public static void setUpClass() throws Exception { + } + + @AfterClass + public static void tearDownClass() throws Exception { + } + + @Before + public void setUp() { + } + + @After + public void tearDown() { + } + + /** + * Test of escapeIllegalCharacters method, of class UriString. + */ + @Test + public void testEscapeIllegalCharacters() { + System.out.println("escapeIllegalCharacters"); + String url = " "; + String expResult = "%20"; + String result = UriString.escapeIllegalCharacters(url); + assertEquals(expResult, result); + } +}
