[jira] [Resolved] (VALIDATOR-334) UrlValidator: isValidAuthority() returning true when supplied authority validator fails

Sat, 03 Jan 2015 02:51:07 -0800 

     [ 
https://issues.apache.org/jira/browse/VALIDATOR-334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sebb resolved VALIDATOR-334.
----------------------------
       Resolution: Fixed
    Fix Version/s: 1.4.1

URL: http://svn.apache.org/r1649186
Log:
VALIDATOR-334 - UrlValidator: isValidAuthority() returning true when supplied 
authority validator fails
Clarified documentation: validator is intended as an override

Modified:
    commons/proper/validator/trunk/RELEASE-NOTES.txt
    commons/proper/validator/trunk/src/changes/changes.xml
    
commons/proper/validator/trunk/src/main/java/org/apache/commons/validator/routines/UrlValidator.java


> UrlValidator: isValidAuthority() returning true when supplied authority 
> validator fails
> ---------------------------------------------------------------------------------------
>
>                 Key: VALIDATOR-334
>                 URL: https://issues.apache.org/jira/browse/VALIDATOR-334
>             Project: Commons Validator
>          Issue Type: Bug
>          Components: Routines
>    Affects Versions: 1.4.0 Release
>            Reporter: Scott Franson
>             Fix For: 1.4.1
>
>
> When UrlValidator is supplied an authority validator, if the authority fails 
> the authority validator, but is an otherwise valid authority, the 
> UrlValidator reports the URL is valid. Here is a test case:
> {code}
>     @Test
>     public void testUrlValidator() throws Exception {
>         String regex = ".*amazon\\.com";
>         RegexValidator authorityValidator = new RegexValidator(regex);
>         UrlValidator validator = new UrlValidator(authorityValidator, 
> UrlValidator.ALLOW_ALL_SCHEMES);
>         assertThat("amazon.com", Pattern.matches(regex, "amazon.com"), 
> is(true));
>         assertThat("google.com", Pattern.matches(regex, "google.com"), 
> is(false));
>         assertThat("amazon.com", authorityValidator.isValid("amazon.com"), 
> is(true));
>         assertThat("google.com", authorityValidator.isValid("google.com"), 
> is(false));
>         assertThat("amazon.com", 
> validator.isValid("http://amazon.com/somepath";), is(true));
>         assertThat("google.com", 
> validator.isValid("http://google.com/somepath";), is(false));   // fails
>     }
> {code}
> It appears that UrlAuthority.isValidAuthority() will return true if the URL 
> passes the authorityValidator (line 365). But if the URL fails the 
> authorityValidator, it can still pass the other validation checks. Shouldn't 
> the validation fail if the URL fails the authorityValidator, regardless if it 
> is an otherwise valid authority?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to