This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.xss-1.0.10 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-xss.git
commit f9befd2748b42ebf9089bd9065f036a385949b08 Author: Justin Edelson <[email protected]> AuthorDate: Fri Jun 3 14:51:46 2016 +0000 SLING-5761 - adding double validator git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/xss@1746727 13f79535-47bb-0310-9956-ffa450edef68 --- src/main/java/org/apache/sling/xss/XSSAPI.java | 11 +++++++++++ .../java/org/apache/sling/xss/impl/XSSAPIImpl.java | 17 +++++++++++++++++ .../org/apache/sling/xss/impl/XSSAPIImplTest.java | 22 ++++++++++++++++++++++ 3 files changed, 50 insertions(+) diff --git a/src/main/java/org/apache/sling/xss/XSSAPI.java b/src/main/java/org/apache/sling/xss/XSSAPI.java index 50f2cd6..3a3780d 100644 --- a/src/main/java/org/apache/sling/xss/XSSAPI.java +++ b/src/main/java/org/apache/sling/xss/XSSAPI.java @@ -68,6 +68,17 @@ public interface XSSAPI { Long getValidLong(@Nullable String source,long defaultValue); /** + * Validate a string which should contain an double, returning a default value if the source is + * {@code null}, empty, can't be parsed, or contains XSS risks. + * + * @param source the source double + * @param defaultValue a default value if the source can't be used, is {@code null} or an empty string + * @return a sanitized double + */ + @Nullable + Double getValidDouble(@Nullable String source, double defaultValue); + + /** * Validate a string which should contain a dimension, returning a default value if the source is * empty, can't be parsed, or contains XSS risks. Allows integer dimensions and the keyword "auto". * diff --git a/src/main/java/org/apache/sling/xss/impl/XSSAPIImpl.java b/src/main/java/org/apache/sling/xss/impl/XSSAPIImpl.java index 5e95ae0..8abd350 100644 --- a/src/main/java/org/apache/sling/xss/impl/XSSAPIImpl.java +++ b/src/main/java/org/apache/sling/xss/impl/XSSAPIImpl.java @@ -114,6 +114,23 @@ public class XSSAPIImpl implements XSSAPI { } /** + * @see org.apache.sling.xss.XSSAPI#getValidDouble(String, double) + */ + @Override + public Double getValidDouble(String source, double defaultValue) { + if (source != null && source.length() > 0) { + try { + return validator.getValidDouble("XSS", source, 0d, Double.MAX_VALUE, false); + } catch (Exception e) { + // ignore + } + } + + // fall through to default if empty, null, or validation failure + return defaultValue; + } + + /** * @see org.apache.sling.xss.XSSAPI#getValidDimension(String, String) */ @Override diff --git a/src/test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java b/src/test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java index ef26f88..714c575 100644 --- a/src/test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java +++ b/src/test/java/org/apache/sling/xss/impl/XSSAPIImplTest.java @@ -341,6 +341,28 @@ public class XSSAPIImplTest { } @Test + public void testGetValidDouble() { + String[][] testData = { + // Source Expected Result + // + {null, "123"}, + {"100.5", "100.5"}, + {"0", "0"}, + + {"junk", "123"}, + {"", "123"}, + {"null", "123"} + }; + + for (String[] aTestData : testData) { + String source = aTestData[0]; + Double expected = (aTestData[1] != null) ? new Double(aTestData[1]) : null; + + TestCase.assertEquals("Validating double '" + source + "'", expected, xssAPI.getValidDouble(source, 123)); + } + } + + @Test public void testGetValidDimension() { String[][] testData = { // Source Expected Result -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
