Use Charset variants of URLEncoder and URLDecoder methods
This commit is contained in:
Christoph Dreis
Juergen Hoeller
parent
2fba0bc272
commit
5c972fcc54
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -20,6 +20,7 @@ import java.io.File;
|
|||
import java.io.IOException;
|
||||
import java.net.URL;
|
||||
import java.net.URLDecoder;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
|
@ -80,7 +81,7 @@ public class ResourceEntityResolver extends DelegatingEntityResolver {
|
|||
if (source == null && systemId != null) {
|
||||
String resourcePath = null;
|
||||
try {
|
||||
String decodedSystemId = URLDecoder.decode(systemId, "UTF-8");
|
||||
String decodedSystemId = URLDecoder.decode(systemId, StandardCharsets.UTF_8);
|
||||
String givenUrl = new URL(decodedSystemId).toString();
|
||||
String systemRootUrl = new File("").toURI().toURL().toString();
|
||||
// Try relative to resource base if currently in system root.
|
||||
|
|
|
|||
|
|
@ -22,7 +22,6 @@ import java.io.IOException;
|
|||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
import java.io.StringReader;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.lang.reflect.GenericArrayType;
|
||||
import java.lang.reflect.ParameterizedType;
|
||||
import java.lang.reflect.Type;
|
||||
|
|
@ -1025,12 +1024,7 @@ public class Jaxb2Marshaller implements MimeMarshaller, MimeUnmarshaller, Generi
|
|||
public DataHandler getAttachmentAsDataHandler(String contentId) {
|
||||
if (contentId.startsWith(CID)) {
|
||||
contentId = contentId.substring(CID.length());
|
||||
try {
|
||||
contentId = URLDecoder.decode(contentId, "UTF-8");
|
||||
}
|
||||
catch (UnsupportedEncodingException ex) {
|
||||
// ignore
|
||||
}
|
||||
contentId = URLDecoder.decode(contentId, StandardCharsets.UTF_8);
|
||||
contentId = '<' + contentId + '>';
|
||||
}
|
||||
DataHandler dataHandler = this.mimeContainer.getAttachment(contentId);
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ package org.springframework.test.web.servlet.htmlunit;
|
|||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URL;
|
||||
import java.net.URLDecoder;
|
||||
import java.nio.charset.Charset;
|
||||
|
|
@ -396,12 +395,7 @@ final class HtmlUnitRequestBuilder implements RequestBuilder, Mergeable {
|
|||
}
|
||||
|
||||
private String urlDecode(String value) {
|
||||
try {
|
||||
return URLDecoder.decode(value, "UTF-8");
|
||||
}
|
||||
catch (UnsupportedEncodingException ex) {
|
||||
throw new IllegalStateException(ex);
|
||||
}
|
||||
return URLDecoder.decode(value, StandardCharsets.UTF_8);
|
||||
}
|
||||
|
||||
private byte[] readAllBytes(File file) {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2020 the original author or authors.
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -16,9 +16,9 @@
|
|||
|
||||
package org.springframework.http.server.reactive;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URI;
|
||||
import java.net.URLDecoder;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
|
|
@ -158,15 +158,8 @@ public abstract class AbstractServerHttpRequest implements ServerHttpRequest {
|
|||
return queryParams;
|
||||
}
|
||||
|
||||
@SuppressWarnings("deprecation")
|
||||
private String decodeQueryParam(String value) {
|
||||
try {
|
||||
return URLDecoder.decode(value, "UTF-8");
|
||||
}
|
||||
catch (UnsupportedEncodingException ex) {
|
||||
// Should never happen but we got a platform default fallback anyway.
|
||||
return URLDecoder.decode(value);
|
||||
}
|
||||
return URLDecoder.decode(value, StandardCharsets.UTF_8);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@
|
|||
package org.springframework.web.reactive.resource;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URLDecoder;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.Arrays;
|
||||
|
|
@ -199,14 +198,14 @@ public class PathResourceResolver extends AbstractResourceResolver {
|
|||
if (resourcePath.contains("%")) {
|
||||
// Use URLDecoder (vs UriUtils) to preserve potentially decoded UTF-8 chars...
|
||||
try {
|
||||
String decodedPath = URLDecoder.decode(resourcePath, "UTF-8");
|
||||
String decodedPath = URLDecoder.decode(resourcePath, StandardCharsets.UTF_8);
|
||||
if (decodedPath.contains("../") || decodedPath.contains("..\\")) {
|
||||
logger.warn("Resolved resource path contains encoded \"../\" or \"..\\\": " + resourcePath);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
catch (IllegalArgumentException | UnsupportedEncodingException ex) {
|
||||
// Should never happen...
|
||||
catch (IllegalArgumentException ex) {
|
||||
// May not be possible to decode...
|
||||
}
|
||||
}
|
||||
return false;
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@
|
|||
package org.springframework.web.reactive.resource;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URLDecoder;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.time.Instant;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
|
|
@ -534,7 +534,7 @@ public class ResourceWebHandler implements WebHandler, InitializingBean {
|
|||
if (path.contains("%")) {
|
||||
try {
|
||||
// Use URLDecoder (vs UriUtils) to preserve potentially decoded UTF-8 chars
|
||||
String decodedPath = URLDecoder.decode(path, "UTF-8");
|
||||
String decodedPath = URLDecoder.decode(path, StandardCharsets.UTF_8);
|
||||
if (isInvalidPath(decodedPath)) {
|
||||
return true;
|
||||
}
|
||||
|
|
@ -543,8 +543,8 @@ public class ResourceWebHandler implements WebHandler, InitializingBean {
|
|||
return true;
|
||||
}
|
||||
}
|
||||
catch (IllegalArgumentException | UnsupportedEncodingException ex) {
|
||||
// Should never happen...
|
||||
catch (IllegalArgumentException ex) {
|
||||
// May not be possible to decode...
|
||||
}
|
||||
}
|
||||
return false;
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@
|
|||
package org.springframework.web.servlet.resource;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URLDecoder;
|
||||
import java.nio.charset.Charset;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
|
|
@ -295,14 +294,14 @@ public class PathResourceResolver extends AbstractResourceResolver {
|
|||
if (resourcePath.contains("%")) {
|
||||
// Use URLDecoder (vs UriUtils) to preserve potentially decoded UTF-8 chars...
|
||||
try {
|
||||
String decodedPath = URLDecoder.decode(resourcePath, "UTF-8");
|
||||
String decodedPath = URLDecoder.decode(resourcePath, StandardCharsets.UTF_8);
|
||||
if (decodedPath.contains("../") || decodedPath.contains("..\\")) {
|
||||
logger.warn("Resolved resource path contains encoded \"../\" or \"..\\\": " + resourcePath);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
catch (IllegalArgumentException | UnsupportedEncodingException ex) {
|
||||
// May not be possible to decode... | Should never happen...
|
||||
catch (IllegalArgumentException ex) {
|
||||
// May not be possible to decode...
|
||||
}
|
||||
}
|
||||
return false;
|
||||
|
|
|
|||
|
|
@ -17,9 +17,9 @@
|
|||
package org.springframework.web.servlet.resource;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URLDecoder;
|
||||
import java.nio.charset.Charset;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
|
|
@ -694,7 +694,7 @@ public class ResourceHttpRequestHandler extends WebContentGenerator
|
|||
if (path.contains("%")) {
|
||||
try {
|
||||
// Use URLDecoder (vs UriUtils) to preserve potentially decoded UTF-8 chars
|
||||
String decodedPath = URLDecoder.decode(path, "UTF-8");
|
||||
String decodedPath = URLDecoder.decode(path, StandardCharsets.UTF_8);
|
||||
if (isInvalidPath(decodedPath)) {
|
||||
return true;
|
||||
}
|
||||
|
|
@ -703,8 +703,8 @@ public class ResourceHttpRequestHandler extends WebContentGenerator
|
|||
return true;
|
||||
}
|
||||
}
|
||||
catch (IllegalArgumentException | UnsupportedEncodingException ex) {
|
||||
// May not be possible to decode... | Should never happen...
|
||||
catch (IllegalArgumentException ex) {
|
||||
// May not be possible to decode...
|
||||
}
|
||||
}
|
||||
return false;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
@ -17,6 +17,7 @@
|
|||
package org.springframework.web.servlet.support;
|
||||
|
||||
import java.net.URLEncoder;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
|
|
@ -291,7 +292,7 @@ public class FlashMapManagerTests {
|
|||
|
||||
@Test // SPR-12569
|
||||
public void flashAttributesWithQueryParamsWithSpace() throws Exception {
|
||||
String encodedValue = URLEncoder.encode("1 2", "UTF-8");
|
||||
String encodedValue = URLEncoder.encode("1 2", StandardCharsets.UTF_8);
|
||||
|
||||
FlashMap flashMap = new FlashMap();
|
||||
flashMap.put("key", "value");
|
||||
|
|
|
|||
Loading…
Reference in New Issue