This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.security-1.0.12 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-security.git
commit e9d32c81f974d3eada419ea17829165100303ca0 Author: Antonio Sanso <[email protected]> AuthorDate: Mon Jul 20 12:13:30 2015 +0000 SLING-4883 - Extend content disposition filter protection to jcr:data * unit tests git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/security@1691919 13f79535-47bb-0310-9956-ffa450edef68 --- .../impl/ContentDispositionFilterTest.java | 40 ++++++++++++++++++---- 1 file changed, 34 insertions(+), 6 deletions(-) diff --git a/src/test/java/org/apache/sling/security/impl/ContentDispositionFilterTest.java b/src/test/java/org/apache/sling/security/impl/ContentDispositionFilterTest.java index 2bde7d4..17614aa 100644 --- a/src/test/java/org/apache/sling/security/impl/ContentDispositionFilterTest.java +++ b/src/test/java/org/apache/sling/security/impl/ContentDispositionFilterTest.java @@ -424,18 +424,20 @@ public class ContentDispositionFilterTest { context.checking(new Expectations() { { + allowing(response).containsHeader("Content-Disposition"); + will(returnValue(false)); allowing(request).getAttribute(RewriterResponse.ATTRIBUTE_NAME); will(returnValue(null)); allowing(request).setAttribute(RewriterResponse.ATTRIBUTE_NAME, "text/html"); allowing(request).getPathInfo(); - will(returnValue("/content/usergenerated")); + will(returnValue("/content/usergenerated/")); allowing(response).setContentType("text/html"); //CONTENT DISPOSITION IS SET exactly(1).of(response).addHeader("Content-Disposition", "attachment"); } }); rewriterResponse.setContentType("text/html"); - //Assert.assertEquals(1, counter.intValue()); + Assert.assertEquals(1, counter.intValue()); } @Test @@ -562,7 +564,12 @@ public class ContentDispositionFilterTest { } }); PrivateAccessor.invoke(contentDispositionFilter,"activate", new Class[]{ComponentContext.class},new Object[]{ctx}); - final ContentDispositionFilter.RewriterResponse rewriterResponse = contentDispositionFilter. new RewriterResponse(request, response); + final AtomicInteger counter = new AtomicInteger(); + final ContentDispositionFilter.RewriterResponse rewriterResponse = contentDispositionFilter. new RewriterResponse(request, response) { + public void addHeader(String name, String value) { + counter.incrementAndGet(); + } + }; context.checking(new Expectations() { { @@ -579,6 +586,7 @@ public class ContentDispositionFilterTest { } }); rewriterResponse.setContentType("image/jpeg"); + Assert.assertEquals(1, counter.intValue()); } @Test @@ -705,7 +713,13 @@ public class ContentDispositionFilterTest { } }); PrivateAccessor.invoke(contentDispositionFilter,"activate", new Class[]{ComponentContext.class},new Object[]{ctx}); - ContentDispositionFilter.RewriterResponse rewriterResponse = contentDispositionFilter. new RewriterResponse(request, response); + final AtomicInteger counter = new AtomicInteger(); + final ContentDispositionFilter.RewriterResponse rewriterResponse = contentDispositionFilter. new RewriterResponse(request, response) { + public void addHeader(String name, String value) { + counter.incrementAndGet(); + } + }; + context.checking(new Expectations() { { @@ -722,6 +736,7 @@ public class ContentDispositionFilterTest { } }); rewriterResponse.setContentType("image/jpeg"); + Assert.assertEquals(1, counter.intValue()); } /** @@ -746,7 +761,12 @@ public class ContentDispositionFilterTest { } }); PrivateAccessor.invoke(contentDispositionFilter,"activate", new Class[]{ComponentContext.class},new Object[]{ctx}); - final ContentDispositionFilter.RewriterResponse rewriterResponse = contentDispositionFilter. new RewriterResponse(request, response); + final AtomicInteger counter = new AtomicInteger(); + final ContentDispositionFilter.RewriterResponse rewriterResponse = contentDispositionFilter. new RewriterResponse(request, response) { + public void addHeader(String name, String value) { + counter.incrementAndGet(); + } + }; context.checking(new Expectations() { { @@ -766,6 +786,7 @@ public class ContentDispositionFilterTest { }); rewriterResponse.setContentType("text/html"); rewriterResponse.setContentType("text/html"); + Assert.assertEquals(1, counter.intValue()); } /** * Test repeated setContentType calls don't add multiple headers, case 2 changing mime type @@ -789,7 +810,13 @@ public class ContentDispositionFilterTest { } }); PrivateAccessor.invoke(contentDispositionFilter,"activate", new Class[]{ComponentContext.class},new Object[]{ctx}); - final ContentDispositionFilter.RewriterResponse rewriterResponse = contentDispositionFilter. new RewriterResponse(request, response); + final AtomicInteger counter = new AtomicInteger(); + final ContentDispositionFilter.RewriterResponse rewriterResponse = contentDispositionFilter. new RewriterResponse(request, response) { + public void addHeader(String name, String value) { + counter.incrementAndGet(); + } + }; + context.checking(new Expectations() { { @@ -813,5 +840,6 @@ public class ContentDispositionFilterTest { }); rewriterResponse.setContentType("text/html"); rewriterResponse.setContentType("text/xml"); + Assert.assertEquals(1, counter.intValue()); } } \ No newline at end of file -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
