HTTPCLIENT-1746: improved argument validation in URLEncodedUtils
git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1746751 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
da589ff03a
commit
8081dbdc02
|
@ -315,7 +315,7 @@ public class Request {
|
||||||
paramList.add(param);
|
paramList.add(param);
|
||||||
}
|
}
|
||||||
final ContentType contentType = ContentType.create(URLEncodedUtils.CONTENT_TYPE, charset);
|
final ContentType contentType = ContentType.create(URLEncodedUtils.CONTENT_TYPE, charset);
|
||||||
final String s = URLEncodedUtils.format(paramList, charset != null ? charset.name() : null);
|
final String s = URLEncodedUtils.format(paramList, charset);
|
||||||
return bodyString(s, contentType);
|
return bodyString(s, contentType);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -80,13 +80,16 @@ public class URLEncodedUtils {
|
||||||
* @param uri
|
* @param uri
|
||||||
* URI to parse
|
* URI to parse
|
||||||
* @param charset
|
* @param charset
|
||||||
* Charset name to use while parsing the query
|
* Charset to use while parsing the query
|
||||||
* @return a list of {@link NameValuePair} as built from the URI's query portion.
|
* @return a list of {@link NameValuePair} as built from the URI's query portion.
|
||||||
|
*
|
||||||
|
* @since 4.5
|
||||||
*/
|
*/
|
||||||
public static List <NameValuePair> parse(final URI uri, final String charset) {
|
public static List <NameValuePair> parse(final URI uri, final Charset charset) {
|
||||||
|
Args.notNull(uri, "URI");
|
||||||
final String query = uri.getRawQuery();
|
final String query = uri.getRawQuery();
|
||||||
if (query != null && !query.isEmpty()) {
|
if (query != null && !query.isEmpty()) {
|
||||||
return parse(query, Charset.forName(charset));
|
return parse(query, charset);
|
||||||
}
|
}
|
||||||
return Collections.emptyList();
|
return Collections.emptyList();
|
||||||
}
|
}
|
||||||
|
@ -105,6 +108,7 @@ public class URLEncodedUtils {
|
||||||
*/
|
*/
|
||||||
public static List <NameValuePair> parse(
|
public static List <NameValuePair> parse(
|
||||||
final HttpEntity entity) throws IOException {
|
final HttpEntity entity) throws IOException {
|
||||||
|
Args.notNull(entity, "HTTP entity");
|
||||||
final ContentType contentType = ContentType.get(entity);
|
final ContentType contentType = ContentType.get(entity);
|
||||||
if (contentType == null || !contentType.getMimeType().equalsIgnoreCase(CONTENT_TYPE)) {
|
if (contentType == null || !contentType.getMimeType().equalsIgnoreCase(CONTENT_TYPE)) {
|
||||||
return Collections.emptyList();
|
return Collections.emptyList();
|
||||||
|
@ -140,6 +144,7 @@ public class URLEncodedUtils {
|
||||||
* {@code application/x-www-form-urlencoded}.
|
* {@code application/x-www-form-urlencoded}.
|
||||||
*/
|
*/
|
||||||
public static boolean isEncoded(final HttpEntity entity) {
|
public static boolean isEncoded(final HttpEntity entity) {
|
||||||
|
Args.notNull(entity, "HTTP entity");
|
||||||
final ContentType contentType = ContentType.parse(entity.getContentType());
|
final ContentType contentType = ContentType.parse(entity.getContentType());
|
||||||
return contentType != null && CONTENT_TYPE.equalsIgnoreCase(contentType.getMimeType());
|
return contentType != null && CONTENT_TYPE.equalsIgnoreCase(contentType.getMimeType());
|
||||||
}
|
}
|
||||||
|
@ -157,6 +162,9 @@ public class URLEncodedUtils {
|
||||||
* @since 4.2
|
* @since 4.2
|
||||||
*/
|
*/
|
||||||
public static List<NameValuePair> parse(final String s, final Charset charset) {
|
public static List<NameValuePair> parse(final String s, final Charset charset) {
|
||||||
|
if (s == null) {
|
||||||
|
return Collections.emptyList();
|
||||||
|
}
|
||||||
final CharArrayBuffer buffer = new CharArrayBuffer(s.length());
|
final CharArrayBuffer buffer = new CharArrayBuffer(s.length());
|
||||||
buffer.append(s);
|
buffer.append(s);
|
||||||
return parse(buffer, charset, QP_SEP_A, QP_SEP_S);
|
return parse(buffer, charset, QP_SEP_A, QP_SEP_S);
|
||||||
|
@ -233,51 +241,6 @@ public class URLEncodedUtils {
|
||||||
return list;
|
return list;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns a String that is suitable for use as an {@code application/x-www-form-urlencoded}
|
|
||||||
* list of parameters in an HTTP PUT or HTTP POST.
|
|
||||||
*
|
|
||||||
* @param parameters The parameters to include.
|
|
||||||
* @param charset The encoding to use.
|
|
||||||
* @return An {@code application/x-www-form-urlencoded} string
|
|
||||||
*/
|
|
||||||
public static String format(
|
|
||||||
final List <? extends NameValuePair> parameters,
|
|
||||||
final String charset) {
|
|
||||||
return format(parameters, QP_SEP_A, charset);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns a String that is suitable for use as an {@code application/x-www-form-urlencoded}
|
|
||||||
* list of parameters in an HTTP PUT or HTTP POST.
|
|
||||||
*
|
|
||||||
* @param parameters The parameters to include.
|
|
||||||
* @param parameterSeparator The parameter separator, by convention, {@code '&'} or {@code ';'}.
|
|
||||||
* @param charset The encoding to use.
|
|
||||||
* @return An {@code application/x-www-form-urlencoded} string
|
|
||||||
*
|
|
||||||
* @since 4.3
|
|
||||||
*/
|
|
||||||
public static String format(
|
|
||||||
final List <? extends NameValuePair> parameters,
|
|
||||||
final char parameterSeparator,
|
|
||||||
final String charset) {
|
|
||||||
final StringBuilder result = new StringBuilder();
|
|
||||||
for (final NameValuePair parameter : parameters) {
|
|
||||||
final String encodedName = encodeFormFields(parameter.getName(), charset);
|
|
||||||
final String encodedValue = encodeFormFields(parameter.getValue(), charset);
|
|
||||||
if (result.length() > 0) {
|
|
||||||
result.append(parameterSeparator);
|
|
||||||
}
|
|
||||||
result.append(encodedName);
|
|
||||||
if (encodedValue != null) {
|
|
||||||
result.append(NAME_VALUE_SEPARATOR);
|
|
||||||
result.append(encodedValue);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return result.toString();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns a String that is suitable for use as an {@code application/x-www-form-urlencoded}
|
* Returns a String that is suitable for use as an {@code application/x-www-form-urlencoded}
|
||||||
* list of parameters in an HTTP PUT or HTTP POST.
|
* list of parameters in an HTTP PUT or HTTP POST.
|
||||||
|
@ -309,6 +272,7 @@ public class URLEncodedUtils {
|
||||||
final Iterable<? extends NameValuePair> parameters,
|
final Iterable<? extends NameValuePair> parameters,
|
||||||
final char parameterSeparator,
|
final char parameterSeparator,
|
||||||
final Charset charset) {
|
final Charset charset) {
|
||||||
|
Args.notNull(parameters, "Parameters");
|
||||||
final StringBuilder result = new StringBuilder();
|
final StringBuilder result = new StringBuilder();
|
||||||
for (final NameValuePair parameter : parameters) {
|
for (final NameValuePair parameter : parameters) {
|
||||||
final String encodedName = encodeFormFields(parameter.getName(), charset);
|
final String encodedName = encodeFormFields(parameter.getName(), charset);
|
||||||
|
@ -499,20 +463,6 @@ public class URLEncodedUtils {
|
||||||
return charset.decode(bb).toString();
|
return charset.decode(bb).toString();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Decode/unescape www-url-form-encoded content.
|
|
||||||
*
|
|
||||||
* @param content the content to decode, will decode '+' as space
|
|
||||||
* @param charset the charset to use
|
|
||||||
* @return encoded string
|
|
||||||
*/
|
|
||||||
private static String decodeFormFields (final String content, final String charset) {
|
|
||||||
if (content == null) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
return urlDecode(content, charset != null ? Charset.forName(charset) : StandardCharsets.UTF_8, true);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Decode/unescape www-url-form-encoded content.
|
* Decode/unescape www-url-form-encoded content.
|
||||||
*
|
*
|
||||||
|
@ -527,24 +477,6 @@ public class URLEncodedUtils {
|
||||||
return urlDecode(content, charset != null ? charset : StandardCharsets.UTF_8, true);
|
return urlDecode(content, charset != null ? charset : StandardCharsets.UTF_8, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Encode/escape www-url-form-encoded content.
|
|
||||||
* <p>
|
|
||||||
* Uses the {@link #URLENCODER} set of characters, rather than
|
|
||||||
* the {@link #UNRESERVED} set; this is for compatibilty with previous
|
|
||||||
* releases, URLEncoder.encode() and most browsers.
|
|
||||||
*
|
|
||||||
* @param content the content to encode, will convert space to '+'
|
|
||||||
* @param charset the charset to use
|
|
||||||
* @return encoded string
|
|
||||||
*/
|
|
||||||
private static String encodeFormFields(final String content, final String charset) {
|
|
||||||
if (content == null) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
return urlEncode(content, charset != null ? Charset.forName(charset) : StandardCharsets.UTF_8, URLENCODER, true);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Encode/escape www-url-form-encoded content.
|
* Encode/escape www-url-form-encoded content.
|
||||||
* <p>
|
* <p>
|
||||||
|
|
|
@ -351,46 +351,46 @@ public class TestURLEncodedUtils {
|
||||||
@Test
|
@Test
|
||||||
public void testFormatString() throws Exception { // as above, using String
|
public void testFormatString() throws Exception { // as above, using String
|
||||||
final List <NameValuePair> params = new ArrayList<>();
|
final List <NameValuePair> params = new ArrayList<>();
|
||||||
Assert.assertEquals(0, URLEncodedUtils.format(params, "US-ASCII").length());
|
Assert.assertEquals(0, URLEncodedUtils.format(params, StandardCharsets.US_ASCII).length());
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.add(new BasicNameValuePair("Name0", null));
|
params.add(new BasicNameValuePair("Name0", null));
|
||||||
Assert.assertEquals("Name0", URLEncodedUtils.format(params, "US-ASCII"));
|
Assert.assertEquals("Name0", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.add(new BasicNameValuePair("Name1", "Value1"));
|
params.add(new BasicNameValuePair("Name1", "Value1"));
|
||||||
Assert.assertEquals("Name1=Value1", URLEncodedUtils.format(params, "US-ASCII"));
|
Assert.assertEquals("Name1=Value1", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.add(new BasicNameValuePair("Name2", ""));
|
params.add(new BasicNameValuePair("Name2", ""));
|
||||||
Assert.assertEquals("Name2=", URLEncodedUtils.format(params, "US-ASCII"));
|
Assert.assertEquals("Name2=", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.add(new BasicNameValuePair("Name4", "Value 4&"));
|
params.add(new BasicNameValuePair("Name4", "Value 4&"));
|
||||||
Assert.assertEquals("Name4=Value+4%26", URLEncodedUtils.format(params, "US-ASCII"));
|
Assert.assertEquals("Name4=Value+4%26", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.add(new BasicNameValuePair("Name4", "Value+4&"));
|
params.add(new BasicNameValuePair("Name4", "Value+4&"));
|
||||||
Assert.assertEquals("Name4=Value%2B4%26", URLEncodedUtils.format(params, "US-ASCII"));
|
Assert.assertEquals("Name4=Value%2B4%26", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.add(new BasicNameValuePair("Name4", "Value 4& =4"));
|
params.add(new BasicNameValuePair("Name4", "Value 4& =4"));
|
||||||
Assert.assertEquals("Name4=Value+4%26+%3D4", URLEncodedUtils.format(params, "US-ASCII"));
|
Assert.assertEquals("Name4=Value+4%26+%3D4", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.add(new BasicNameValuePair("Name5", "aaa"));
|
params.add(new BasicNameValuePair("Name5", "aaa"));
|
||||||
params.add(new BasicNameValuePair("Name6", "bbb"));
|
params.add(new BasicNameValuePair("Name6", "bbb"));
|
||||||
Assert.assertEquals("Name5=aaa&Name6=bbb", URLEncodedUtils.format(params, "US-ASCII"));
|
Assert.assertEquals("Name5=aaa&Name6=bbb", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.add(new BasicNameValuePair("Name7", "aaa"));
|
params.add(new BasicNameValuePair("Name7", "aaa"));
|
||||||
params.add(new BasicNameValuePair("Name7", "b,b"));
|
params.add(new BasicNameValuePair("Name7", "b,b"));
|
||||||
params.add(new BasicNameValuePair("Name7", "ccc"));
|
params.add(new BasicNameValuePair("Name7", "ccc"));
|
||||||
Assert.assertEquals("Name7=aaa&Name7=b%2Cb&Name7=ccc", URLEncodedUtils.format(params, "US-ASCII"));
|
Assert.assertEquals("Name7=aaa&Name7=b%2Cb&Name7=ccc", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||||
|
|
||||||
params.clear();
|
params.clear();
|
||||||
params.add(new BasicNameValuePair("Name8", "xx, yy ,zz"));
|
params.add(new BasicNameValuePair("Name8", "xx, yy ,zz"));
|
||||||
Assert.assertEquals("Name8=xx%2C++yy++%2Czz", URLEncodedUtils.format(params, "US-ASCII"));
|
Assert.assertEquals("Name8=xx%2C++yy++%2Czz", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||||
}
|
}
|
||||||
|
|
||||||
private List <NameValuePair> parse (final String params) {
|
private List <NameValuePair> parse (final String params) {
|
||||||
|
@ -398,7 +398,7 @@ public class TestURLEncodedUtils {
|
||||||
}
|
}
|
||||||
|
|
||||||
private List <NameValuePair> parseString (final String uri) throws Exception {
|
private List <NameValuePair> parseString (final String uri) throws Exception {
|
||||||
return URLEncodedUtils.parse(new URI("?"+uri), "UTF-8");
|
return URLEncodedUtils.parse(new URI("?"+uri), StandardCharsets.UTF_8);
|
||||||
}
|
}
|
||||||
|
|
||||||
private static void assertNameValuePair (
|
private static void assertNameValuePair (
|
||||||
|
|
Loading…
Reference in New Issue