svn commit: r935571 - in /tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/assets: ./ ContextAssetRequestHandlerTest.java

Mon, 19 Apr 2010 06:57:44 -0700 

Author: hlship
Date: Mon Apr 19 13:56:59 2010
New Revision: 935571

URL: http://svn.apache.org/viewvc?rev=935571&view=rev
Log:
Add tests to validate that ContextAssetRequestHandler screens out access to 
WEB-INF, META-INF and .tml files.

Added:
    
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/assets/
    
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/assets/ContextAssetRequestHandlerTest.java
   (with props)

Added: 
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/assets/ContextAssetRequestHandlerTest.java
URL: 
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/assets/ContextAssetRequestHandlerTest.java?rev=935571&view=auto
==============================================================================
--- 
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/assets/ContextAssetRequestHandlerTest.java
 (added)
+++ 
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/assets/ContextAssetRequestHandlerTest.java
 Mon Apr 19 13:56:59 2010
@@ -0,0 +1,43 @@
+// Copyright 2010 The Apache Software Foundation
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package org.apache.tapestry5.internal.services.assets;
+
+import java.io.IOException;
+
+import org.apache.tapestry5.ioc.test.TestBase;
+import org.testng.annotations.DataProvider;
+import org.testng.annotations.Test;
+
+public class ContextAssetRequestHandlerTest extends TestBase
+{
+    @DataProvider
+    public Object[][] invalid_paths()
+    {
+        return new Object[][]
+        {
+        { "web-Inf/classes/hibernate.cfg.xml" },
+        { "Meta-Inf/MANIFEST.mf" },
+        { "Index.tml" },
+        { "folder/FolderIndex.TML" } };
+    }
+
+    @Test(dataProvider = "invalid_paths")
+    public void ensure_assets_are_rejected(String path) throws IOException
+    {
+        ContextAssetRequestHandler handler = new 
ContextAssetRequestHandler(null, null);
+
+        assertFalse(handler.handleAssetRequest(null, null, path), "Handler 
should return false for invalid path.");
+    }
+}

Propchange: 
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/assets/ContextAssetRequestHandlerTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Reply via email to