
SEC-1714: RegexRequestMatcher should prepend question mark to query string.

Luke Taylor 14 vuotta sitten
vanhempi
commit
ef72dd1986

+ 2 - 2
web/src/main/java/org/springframework/security/web/util/RegexRequestMatcher.java

@@ -55,7 +55,7 @@ public final class RegexRequestMatcher implements RequestMatcher {
 
     /**
      * Performs the match of the request URL ({@code servletPath + pathInfo + queryString}) against
-     * the compiled pattern.
+     * the compiled pattern. If the query string is present, a question mark will be prepended.
      *
      * @param request the request to match
      * @return true if the pattern matches the URL, false otherwise.
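Review bot: The formula in the first Javadoc line still reads `{@code servletPath + pathInfo + queryString}`, which no longer describes the string that is matched once the `?` is inserted. I would write it as `{@code servletPath + pathInfo + "?" + queryString}` and add a sentence that patterns meant to match a query string must include an escaped `\?`. Patterns written against the old concatenation will silently stop matching after this change, and for a matcher that selects access rules this deserves a visible note. The Javadoc block continues past the end of the hunk.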
@@ -77,7 +77,7 @@ public final class RegexRequestMatcher implements RequestMatcher {
             }
 
             if (query != null) {
-                sb.append(query);
+                sb.append('?').append(query);
             }
             url = sb.toString();
         }
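Review bot: The guard `if (query != null)` also takes the new branch for an empty query string, so a request whose query string is `""` is matched as a URL ending in a bare `?`. Whether the container reports `""` or `null` for such a request is not visible here, but if it can report `""`, a pattern written for the path alone may stop matching that request, which matters when the matcher decides which access rule applies to a protected path. Consider `if (query != null && query.length() > 0) {`, or document the trailing-`?` case in the Javadoc, and cover it with a test either way. The enclosing method starts and ends outside the hunk, so how `url` is compared with the pattern is assumed rather than seen.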

+ 43 - 0
web/src/test/java/org/springframework/security/web/util/RegexRequestMatcherTests.java

@@ -0,0 +1,43 @@
+package org.springframework.security.web.util;
+
+import static org.junit.Assert.*;
+
+import org.junit.*;
+import org.springframework.mock.web.MockHttpServletRequest;
+
+/**
+ * @author Luke Taylor
+ */
+public class RegexRequestMatcherTests {
+
+    @Test
+    public void doesntMatchIfHttpMethodIsDifferent() throws Exception {
+        RegexRequestMatcher matcher = new RegexRequestMatcher(".*", "GET");
+
+        MockHttpServletRequest request = new MockHttpServletRequest("POST", "/anything");
+
+        assertFalse(matcher.matches(request));
+    }
+
+    @Test
+    public void matchesIfHttpMethodAndPathMatch() throws Exception {
+        RegexRequestMatcher matcher = new RegexRequestMatcher(".*", "GET");
+
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", "/anything");
+        request.setServletPath("/anything");
+
+        assertTrue(matcher.matches(request));
+    }
+
+    @Test
+    public void queryStringIsMatcherCorrectly() throws Exception {
+        RegexRequestMatcher matcher = new RegexRequestMatcher(".*\\?x=y", "GET");
+
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", "/any/path?x=y");
+        request.setServletPath("/any");
+        request.setPathInfo("/path");
+        request.setQueryString("x=y");
+
+        assertTrue(matcher.matches(request));
+    }
+}
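Review bot: The new tests only assert the positive case for the query string, so nothing pins the behaviour this commit fixes: a pattern without the `?` must no longer match the path and query run together. A negative test like the one below would fail on the old code and guard against a regression. Cases for a request with no query string and with an empty one would also be worth adding. The method name `queryStringIsMatcherCorrectly` looks like a typo for `queryStringIsMatchedCorrectly`.

```java
    // … unchanged: existing tests …

    @Test
    public void patternWithoutQuestionMarkDoesNotMatchQueryString() throws Exception {
        RegexRequestMatcher matcher = new RegexRequestMatcher("/any/pathx=y", "GET");

        MockHttpServletRequest request = new MockHttpServletRequest("GET", "/any/path?x=y");
        request.setServletPath("/any");
        request.setPathInfo("/path");
        request.setQueryString("x=y");

        assertFalse(matcher.matches(request));
    }
```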