[jira] [Commented] (VALIDATOR-334) UrlValidator: isValidAuthority() returning true when supplied authority validator fails

Fri, 02 Jan 2015 18:27:44 -0800 

    [ 
https://issues.apache.org/jira/browse/VALIDATOR-334?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14263386#comment-14263386
 ] 

Sebb commented on VALIDATOR-334:
--------------------------------

The code was introduced in VALIDATOR-248 as a way to allow authority overrides.

So I think it is behaving correctly, but I agree the Javadoc does not make it 
clear what the function of the regex is

> UrlValidator: isValidAuthority() returning true when supplied authority 
> validator fails
> ---------------------------------------------------------------------------------------
>
>                 Key: VALIDATOR-334
>                 URL: https://issues.apache.org/jira/browse/VALIDATOR-334
>             Project: Commons Validator
>          Issue Type: Bug
>          Components: Routines
>    Affects Versions: 1.4.0 Release
>            Reporter: Scott Franson
>
> When UrlValidator is supplied an authority validator, if the authority fails 
> the authority validator, but is an otherwise valid authority, the 
> UrlValidator reports the URL is valid. Here is a test case:
> {code}
>     @Test
>     public void testUrlValidator() throws Exception {
>         String regex = ".*amazon\\.com";
>         RegexValidator authorityValidator = new RegexValidator(regex);
>         UrlValidator validator = new UrlValidator(authorityValidator, 
> UrlValidator.ALLOW_ALL_SCHEMES);
>         assertThat("amazon.com", Pattern.matches(regex, "amazon.com"), 
> is(true));
>         assertThat("google.com", Pattern.matches(regex, "google.com"), 
> is(false));
>         assertThat("amazon.com", authorityValidator.isValid("amazon.com"), 
> is(true));
>         assertThat("google.com", authorityValidator.isValid("google.com"), 
> is(false));
>         assertThat("amazon.com", 
> validator.isValid("http://amazon.com/somepath";), is(true));
>         assertThat("google.com", 
> validator.isValid("http://google.com/somepath";), is(false));   // fails
>     }
> {code}
> It appears that UrlAuthority.isValidAuthority() will return true if the URL 
> passes the authorityValidator (line 365). But if the URL fails the 
> authorityValidator, it can still pass the other validation checks. Shouldn't 
> the validation fail if the URL fails the authorityValidator, regardless if it 
> is an otherwise valid authority?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to