root
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

SPR-7427 - URL in a redirect is not escaped by RedirectView

This commit is contained in:
Arjen Poutsma 2010-08-11 11:44:44 +00:00
parent ac1d2d93d6
commit 6e303d25c4
2 changed files with 60 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
org.springframework.web.servlet/src/main/java/org/springframework/web/servlet/view/RedirectView.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2008 the original author or authors. * Copyright 2002-2010 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -19,7 +19,6 @@ package org.springframework.web.servlet.view;
import java.io.IOException; import java.io.IOException;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.lang.reflect.Array; import java.lang.reflect.Array;
import java.net.URLEncoder;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collection; import java.util.Collection;
import java.util.Collections; import java.util.Collections;
@ -30,10 +29,11 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.BeanUtils; import org.springframework.beans.BeanUtils;
import org.springframework.util.ObjectUtils;
import org.springframework.web.util.WebUtils;
import org.springframework.web.servlet.View;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.util.ObjectUtils;
import org.springframework.web.servlet.View;
import org.springframework.web.util.UriUtils;
import org.springframework.web.util.WebUtils;
/** /**
* <p>View that redirects to an absolute, context relative, or current request * <p>View that redirects to an absolute, context relative, or current request
@ -207,14 +207,26 @@ public class RedirectView extends AbstractUrlBasedView {
Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) Map<String, Object> model, HttpServletRequest request, HttpServletResponse response)
throws IOException { throws IOException {
String encoding = getEncoding(request);
// Prepare target URL. // Prepare target URL.
StringBuilder targetUrl = new StringBuilder(); StringBuilder targetUrl = new StringBuilder();
if (this.contextRelative && getUrl().startsWith("/")) { if (this.contextRelative && getUrl().startsWith("/")) {
// Do not apply context path to relative URLs. // Do not apply context path to relative URLs.
targetUrl.append(request.getContextPath()); targetUrl.append(UriUtils.encodePath(request.getContextPath(), encoding));
targetUrl.append(UriUtils.encodePath(getUrl(), encoding));
}
else {
targetUrl.append(UriUtils.encodeUri(getUrl(), encoding));
} }
targetUrl.append(getUrl());
if (this.exposeModelAttributes) { if (this.exposeModelAttributes) {
appendQueryProperties(targetUrl, model, encoding);
}
sendRedirect(request, response, targetUrl.toString(), this.http10Compatible);
}
private String getEncoding(HttpServletRequest request) {
String enc = this.encodingScheme; String enc = this.encodingScheme;
if (enc == null) { if (enc == null) {
enc = request.getCharacterEncoding(); enc = request.getCharacterEncoding();
@ -222,10 +234,7 @@ public class RedirectView extends AbstractUrlBasedView {
if (enc == null) { if (enc == null) {
enc = WebUtils.DEFAULT_CHARACTER_ENCODING; enc = WebUtils.DEFAULT_CHARACTER_ENCODING;
} }
appendQueryProperties(targetUrl, model, enc); return enc;
}
sendRedirect(request, response, targetUrl.toString(), this.http10Compatible);
} }
/** /**
@ -271,8 +280,8 @@ public class RedirectView extends AbstractUrlBasedView {
else { else {
targetUrl.append('&'); targetUrl.append('&');
} }
String encodedKey = urlEncode(entry.getKey(), encodingScheme); String encodedKey = UriUtils.encodeQueryParam(entry.getKey(), encodingScheme);
String encodedValue = (value != null ? urlEncode(value.toString(), encodingScheme) : ""); String encodedValue = (value != null ? UriUtils.encodeQueryParam(value.toString(), encodingScheme) : "");
targetUrl.append(encodedKey).append('=').append(encodedValue); targetUrl.append(encodedKey).append('=').append(encodedValue);
} }
} }
@ -363,20 +372,6 @@ public class RedirectView extends AbstractUrlBasedView {
return (value != null && BeanUtils.isSimpleValueType(value.getClass())); return (value != null && BeanUtils.isSimpleValueType(value.getClass()));
} }
/**
* URL-encode the given input String with the given encoding scheme.
* <p>The default implementation uses <code>URLEncoder.encode(input, enc)</code>.
* @param input the unencoded input String
* @param encodingScheme the encoding scheme
* @return the encoded output String
* @throws UnsupportedEncodingException if thrown by the JDK URLEncoder
* @see java.net.URLEncoder#encode(String, String)
* @see java.net.URLEncoder#encode(String)
*/
protected String urlEncode(String input, String encodingScheme) throws UnsupportedEncodingException {
return (input != null ? URLEncoder.encode(input, encodingScheme) : null);
}
/** /**
* Send a redirect back to the HTTP client * Send a redirect back to the HTTP client
* @param request current HTTP request (allows for reacting to request method) * @param request current HTTP request (allows for reacting to request method)

68
org.springframework.web.servlet/src/test/java/org/springframework/web/servlet/view/RedirectViewTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2008 the original author or authors. * Copyright 2002-2010 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -18,14 +18,13 @@ package org.springframework.web.servlet.view;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import junit.framework.AssertionFailedError; import junit.framework.AssertionFailedError;
import org.easymock.MockControl; import static org.easymock.EasyMock.*;
import static org.junit.Assert.*; import static org.junit.Assert.*;
import org.junit.Test; import org.junit.Test;
@ -34,6 +33,7 @@ import org.springframework.http.HttpStatus;
import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.web.servlet.View; import org.springframework.web.servlet.View;
import org.springframework.web.util.WebUtils;
/** /**
* Tests for redirect view, and query string construction. * Tests for redirect view, and query string construction.
@ -60,7 +60,7 @@ public class RedirectViewTests {
rv.setHttp10Compatible(false); rv.setHttp10Compatible(false);
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
rv.render(new HashMap(), request, response); rv.render(new HashMap<String, Object>(), request, response);
assertEquals(303, response.getStatus()); assertEquals(303, response.getStatus());
assertEquals("http://url.somewhere.com", response.getHeader("Location")); assertEquals("http://url.somewhere.com", response.getHeader("Location"));
} }
@ -73,7 +73,7 @@ public class RedirectViewTests {
rv.setStatusCode(HttpStatus.CREATED); rv.setStatusCode(HttpStatus.CREATED);
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest();
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
rv.render(new HashMap(), request, response); rv.render(new HashMap<String, Object>(), request, response);
assertEquals(201, response.getStatus()); assertEquals(201, response.getStatus());
assertEquals("http://url.somewhere.com", response.getHeader("Location")); assertEquals("http://url.somewhere.com", response.getHeader("Location"));
} }
@ -86,7 +86,7 @@ public class RedirectViewTests {
MockHttpServletRequest request = new MockHttpServletRequest(); MockHttpServletRequest request = new MockHttpServletRequest();
request.setAttribute(View.RESPONSE_STATUS_ATTRIBUTE, HttpStatus.CREATED); request.setAttribute(View.RESPONSE_STATUS_ATTRIBUTE, HttpStatus.CREATED);
MockHttpServletResponse response = new MockHttpServletResponse(); MockHttpServletResponse response = new MockHttpServletResponse();
rv.render(new HashMap(), request, response); rv.render(new HashMap<String, Object>(), request, response);
assertEquals(201, response.getStatus()); assertEquals(201, response.getStatus());
assertEquals("http://url.somewhere.com", response.getHeader("Location")); assertEquals("http://url.somewhere.com", response.getHeader("Location"));
} }
@ -94,13 +94,13 @@ public class RedirectViewTests {
@Test @Test
public void emptyMap() throws Exception { public void emptyMap() throws Exception {
String url = "/myUrl"; String url = "/myUrl";
doTest(new HashMap(), url, false, url); doTest(new HashMap<String, Object>(), url, false, url);
} }
@Test @Test
public void emptyMapWithContextRelative() throws Exception { public void emptyMapWithContextRelative() throws Exception {
String url = "/myUrl"; String url = "/myUrl";
doTest(new HashMap(), url, true, url); doTest(new HashMap<String, Object>(), url, true, url);
} }
@Test @Test
@ -108,7 +108,7 @@ public class RedirectViewTests {
String url = "http://url.somewhere.com"; String url = "http://url.somewhere.com";
String key = "foo"; String key = "foo";
String val = "bar"; String val = "bar";
Map model = new HashMap(); Map<String, String> model = new HashMap<String, String>();
model.put(key, val); model.put(key, val);
String expectedUrlForEncoding = url + "?" + key + "=" + val; String expectedUrlForEncoding = url + "?" + key + "=" + val;
doTest(model, url, false, expectedUrlForEncoding); doTest(model, url, false, expectedUrlForEncoding);
@ -119,7 +119,7 @@ public class RedirectViewTests {
String url = "http://url.somewhere.com"; String url = "http://url.somewhere.com";
String key = "foo"; String key = "foo";
String val = "bar"; String val = "bar";
Map model = new HashMap(); Map<String, String> model = new HashMap<String, String>();
model.put(key, val); model.put(key, val);
String expectedUrlForEncoding = url; // + "?" + key + "=" + val; String expectedUrlForEncoding = url; // + "?" + key + "=" + val;
doTest(model, url, false, false, expectedUrlForEncoding); doTest(model, url, false, false, expectedUrlForEncoding);
@ -130,7 +130,7 @@ public class RedirectViewTests {
String url = "http://url.somewhere.com/test.htm#myAnchor"; String url = "http://url.somewhere.com/test.htm#myAnchor";
String key = "foo"; String key = "foo";
String val = "bar"; String val = "bar";
Map model = new HashMap(); Map<String, String> model = new HashMap<String, String>();
model.put(key, val); model.put(key, val);
String expectedUrlForEncoding = "http://url.somewhere.com/test.htm" + "?" + key + "=" + val + "#myAnchor"; String expectedUrlForEncoding = "http://url.somewhere.com/test.htm" + "?" + key + "=" + val + "#myAnchor";
doTest(model, url, false, expectedUrlForEncoding); doTest(model, url, false, expectedUrlForEncoding);
@ -143,7 +143,7 @@ public class RedirectViewTests {
String val = "bar"; String val = "bar";
String key2 = "thisIsKey2"; String key2 = "thisIsKey2";
String val2 = "andThisIsVal2"; String val2 = "andThisIsVal2";
Map model = new HashMap(); Map<String, String> model = new HashMap<String, String>();
model.put(key, val); model.put(key, val);
model.put(key2, val2); model.put(key2, val2);
try { try {
@ -162,7 +162,7 @@ public class RedirectViewTests {
String url = "http://url.somewhere.com"; String url = "http://url.somewhere.com";
String key = "foo"; String key = "foo";
String[] val = new String[] {"bar", "baz"}; String[] val = new String[] {"bar", "baz"};
Map model = new HashMap(); Map<String, String[]> model = new HashMap<String, String[]>();
model.put(key, val); model.put(key, val);
try { try {
String expectedUrlForEncoding = "http://url.somewhere.com?" + key + "=" + val[0] + "&" + key + "=" + val[1]; String expectedUrlForEncoding = "http://url.somewhere.com?" + key + "=" + val[0] + "&" + key + "=" + val[1];
@ -179,10 +179,10 @@ public class RedirectViewTests {
public void collectionParam() throws Exception { public void collectionParam() throws Exception {
String url = "http://url.somewhere.com"; String url = "http://url.somewhere.com";
String key = "foo"; String key = "foo";
List val = new ArrayList(); List<String> val = new ArrayList<String>();
val.add("bar"); val.add("bar");
val.add("baz"); val.add("baz");
Map model = new HashMap(); Map<String, List<String>> model = new HashMap<String, List<String>>();
model.put(key, val); model.put(key, val);
try { try {
String expectedUrlForEncoding = "http://url.somewhere.com?" + key + "=" + val.get(0) + "&" + key + "=" + val.get(1); String expectedUrlForEncoding = "http://url.somewhere.com?" + key + "=" + val.get(0) + "&" + key + "=" + val.get(1);
@ -202,9 +202,9 @@ public class RedirectViewTests {
String val = "bar"; String val = "bar";
String key2 = "int2"; String key2 = "int2";
Object val2 = new Long(611); Object val2 = new Long(611);
Object key3 = "tb"; String key3 = "tb";
Object val3 = new TestBean(); Object val3 = new TestBean();
Map model = new LinkedHashMap(); Map<String, Object> model = new HashMap<String, Object>();
model.put(key, val); model.put(key, val);
model.put(key2, val2); model.put(key2, val2);
model.put(key3, val3); model.put(key3, val3);
@ -212,7 +212,7 @@ public class RedirectViewTests {
doTest(model, url, false, expectedUrlForEncoding); doTest(model, url, false, expectedUrlForEncoding);
} }
private void doTest(Map map, String url, boolean contextRelative, String expectedUrlForEncoding) private void doTest(Map<String, ?> map, String url, boolean contextRelative, String expectedUrlForEncoding)
throws Exception { throws Exception {
doTest(map, url, contextRelative, true, expectedUrlForEncoding); doTest(map, url, contextRelative, true, expectedUrlForEncoding);
} }
@ -227,7 +227,8 @@ public class RedirectViewTests {
/** /**
* Test whether this callback method is called with correct args * Test whether this callback method is called with correct args
*/ */
protected Map queryProperties(Map model) { @Override
protected Map<String, Object> queryProperties(Map<String, Object> model) {
// They may not be the same model instance, but they're still equal // They may not be the same model instance, but they're still equal
assertTrue("Map and model must be equal.", map.equals(model)); assertTrue("Map and model must be equal.", map.equals(model));
this.queryPropertiesCalled = true; this.queryPropertiesCalled = true;
@ -240,30 +241,27 @@ public class RedirectViewTests {
rv.setContextRelative(contextRelative); rv.setContextRelative(contextRelative);
rv.setExposeModelAttributes(exposeModelAttributes); rv.setExposeModelAttributes(exposeModelAttributes);
MockControl requestControl = MockControl.createControl(HttpServletRequest.class); HttpServletRequest request = createNiceMock("request", HttpServletRequest.class);
HttpServletRequest request = (HttpServletRequest) requestControl.getMock(); if (exposeModelAttributes) {
request.getCharacterEncoding(); expect(request.getCharacterEncoding()).andReturn(WebUtils.DEFAULT_CHARACTER_ENCODING);
requestControl.setReturnValue(null, 1); }
if (contextRelative) { if (contextRelative) {
expectedUrlForEncoding = "/context" + expectedUrlForEncoding; expectedUrlForEncoding = "/context" + expectedUrlForEncoding;
request.getContextPath(); expect(request.getContextPath()).andReturn("/context");
requestControl.setReturnValue("/context");
} }
requestControl.replay();
MockControl responseControl = MockControl.createControl(HttpServletResponse.class); HttpServletResponse response = createMock("response", HttpServletResponse.class);
HttpServletResponse resp = (HttpServletResponse) responseControl.getMock(); expect(response.encodeRedirectURL(expectedUrlForEncoding)).andReturn(expectedUrlForEncoding);
resp.encodeRedirectURL(expectedUrlForEncoding); response.sendRedirect(expectedUrlForEncoding);
responseControl.setReturnValue(expectedUrlForEncoding);
resp.sendRedirect(expectedUrlForEncoding);
responseControl.setVoidCallable(1);
responseControl.replay();
rv.render(map, request, resp); replay(request, response);
rv.render(map, request, response);
if (exposeModelAttributes) { if (exposeModelAttributes) {
assertTrue("queryProperties() should have been called.", rv.queryPropertiesCalled); assertTrue("queryProperties() should have been called.", rv.queryPropertiesCalled);
} }
responseControl.verify();
verify(request, response);
} }
} }