Marshall Shi created SHINDIG-1889:
-------------------------------------
Summary: host name check is case sensitive in locked domain service
Key: SHINDIG-1889
URL: https://issues.apache.org/jira/browse/SHINDIG-1889
Project: Shindig
Issue Type: Bug
Components: Java
Affects Versions: 2.5.0-beta5
Reporter: Marshall Shi
Fix For: 2.5.0-beta5
The host name check is case sensitive in locked domain service.
org.apache.shindig.gadgets.HashLockedDomainService
@Override
public boolean isGadgetValidForHost(String host, Gadget gadget, String
container) {
container = getContainer(container);
if (isEnabled()) {
if (isGadgetReqestingLocking(gadget) || isHostUsingLockedDomain(host)
|| isDomainLockingEnforced(container)) {
String neededHost;
try {
neededHost = getLockedDomain(gadget, container);
} catch (GadgetException e) {
if (LOG.isLoggable(Level.WARNING)) {
LOG.log(Level.WARNING, "Invalid host for call.", e);
}
return false;
}
return host.equals(neededHost);
}
}
return true;
}
According to URL spec:
http://www.ietf.org/rfc/rfc3986.txt
Section 3.2.2.
Proposed fix is to replace equals with equalsIgnoreCase.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
