HTTPCLIENT-1746: improved argument validation in URLEncodedUtils
git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1746751 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
da589ff03a
commit
8081dbdc02
|
@ -315,7 +315,7 @@ public class Request {
|
|||
paramList.add(param);
|
||||
}
|
||||
final ContentType contentType = ContentType.create(URLEncodedUtils.CONTENT_TYPE, charset);
|
||||
final String s = URLEncodedUtils.format(paramList, charset != null ? charset.name() : null);
|
||||
final String s = URLEncodedUtils.format(paramList, charset);
|
||||
return bodyString(s, contentType);
|
||||
}
|
||||
|
||||
|
|
|
@ -80,13 +80,16 @@ public class URLEncodedUtils {
|
|||
* @param uri
|
||||
* URI to parse
|
||||
* @param charset
|
||||
* Charset name to use while parsing the query
|
||||
* Charset to use while parsing the query
|
||||
* @return a list of {@link NameValuePair} as built from the URI's query portion.
|
||||
*
|
||||
* @since 4.5
|
||||
*/
|
||||
public static List <NameValuePair> parse(final URI uri, final String charset) {
|
||||
public static List <NameValuePair> parse(final URI uri, final Charset charset) {
|
||||
Args.notNull(uri, "URI");
|
||||
final String query = uri.getRawQuery();
|
||||
if (query != null && !query.isEmpty()) {
|
||||
return parse(query, Charset.forName(charset));
|
||||
return parse(query, charset);
|
||||
}
|
||||
return Collections.emptyList();
|
||||
}
|
||||
|
@ -105,6 +108,7 @@ public class URLEncodedUtils {
|
|||
*/
|
||||
public static List <NameValuePair> parse(
|
||||
final HttpEntity entity) throws IOException {
|
||||
Args.notNull(entity, "HTTP entity");
|
||||
final ContentType contentType = ContentType.get(entity);
|
||||
if (contentType == null || !contentType.getMimeType().equalsIgnoreCase(CONTENT_TYPE)) {
|
||||
return Collections.emptyList();
|
||||
|
@ -140,6 +144,7 @@ public class URLEncodedUtils {
|
|||
* {@code application/x-www-form-urlencoded}.
|
||||
*/
|
||||
public static boolean isEncoded(final HttpEntity entity) {
|
||||
Args.notNull(entity, "HTTP entity");
|
||||
final ContentType contentType = ContentType.parse(entity.getContentType());
|
||||
return contentType != null && CONTENT_TYPE.equalsIgnoreCase(contentType.getMimeType());
|
||||
}
|
||||
|
@ -157,6 +162,9 @@ public class URLEncodedUtils {
|
|||
* @since 4.2
|
||||
*/
|
||||
public static List<NameValuePair> parse(final String s, final Charset charset) {
|
||||
if (s == null) {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
final CharArrayBuffer buffer = new CharArrayBuffer(s.length());
|
||||
buffer.append(s);
|
||||
return parse(buffer, charset, QP_SEP_A, QP_SEP_S);
|
||||
|
@ -233,51 +241,6 @@ public class URLEncodedUtils {
|
|||
return list;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a String that is suitable for use as an {@code application/x-www-form-urlencoded}
|
||||
* list of parameters in an HTTP PUT or HTTP POST.
|
||||
*
|
||||
* @param parameters The parameters to include.
|
||||
* @param charset The encoding to use.
|
||||
* @return An {@code application/x-www-form-urlencoded} string
|
||||
*/
|
||||
public static String format(
|
||||
final List <? extends NameValuePair> parameters,
|
||||
final String charset) {
|
||||
return format(parameters, QP_SEP_A, charset);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a String that is suitable for use as an {@code application/x-www-form-urlencoded}
|
||||
* list of parameters in an HTTP PUT or HTTP POST.
|
||||
*
|
||||
* @param parameters The parameters to include.
|
||||
* @param parameterSeparator The parameter separator, by convention, {@code '&'} or {@code ';'}.
|
||||
* @param charset The encoding to use.
|
||||
* @return An {@code application/x-www-form-urlencoded} string
|
||||
*
|
||||
* @since 4.3
|
||||
*/
|
||||
public static String format(
|
||||
final List <? extends NameValuePair> parameters,
|
||||
final char parameterSeparator,
|
||||
final String charset) {
|
||||
final StringBuilder result = new StringBuilder();
|
||||
for (final NameValuePair parameter : parameters) {
|
||||
final String encodedName = encodeFormFields(parameter.getName(), charset);
|
||||
final String encodedValue = encodeFormFields(parameter.getValue(), charset);
|
||||
if (result.length() > 0) {
|
||||
result.append(parameterSeparator);
|
||||
}
|
||||
result.append(encodedName);
|
||||
if (encodedValue != null) {
|
||||
result.append(NAME_VALUE_SEPARATOR);
|
||||
result.append(encodedValue);
|
||||
}
|
||||
}
|
||||
return result.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a String that is suitable for use as an {@code application/x-www-form-urlencoded}
|
||||
* list of parameters in an HTTP PUT or HTTP POST.
|
||||
|
@ -309,6 +272,7 @@ public class URLEncodedUtils {
|
|||
final Iterable<? extends NameValuePair> parameters,
|
||||
final char parameterSeparator,
|
||||
final Charset charset) {
|
||||
Args.notNull(parameters, "Parameters");
|
||||
final StringBuilder result = new StringBuilder();
|
||||
for (final NameValuePair parameter : parameters) {
|
||||
final String encodedName = encodeFormFields(parameter.getName(), charset);
|
||||
|
@ -499,20 +463,6 @@ public class URLEncodedUtils {
|
|||
return charset.decode(bb).toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Decode/unescape www-url-form-encoded content.
|
||||
*
|
||||
* @param content the content to decode, will decode '+' as space
|
||||
* @param charset the charset to use
|
||||
* @return encoded string
|
||||
*/
|
||||
private static String decodeFormFields (final String content, final String charset) {
|
||||
if (content == null) {
|
||||
return null;
|
||||
}
|
||||
return urlDecode(content, charset != null ? Charset.forName(charset) : StandardCharsets.UTF_8, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Decode/unescape www-url-form-encoded content.
|
||||
*
|
||||
|
@ -527,24 +477,6 @@ public class URLEncodedUtils {
|
|||
return urlDecode(content, charset != null ? charset : StandardCharsets.UTF_8, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Encode/escape www-url-form-encoded content.
|
||||
* <p>
|
||||
* Uses the {@link #URLENCODER} set of characters, rather than
|
||||
* the {@link #UNRESERVED} set; this is for compatibilty with previous
|
||||
* releases, URLEncoder.encode() and most browsers.
|
||||
*
|
||||
* @param content the content to encode, will convert space to '+'
|
||||
* @param charset the charset to use
|
||||
* @return encoded string
|
||||
*/
|
||||
private static String encodeFormFields(final String content, final String charset) {
|
||||
if (content == null) {
|
||||
return null;
|
||||
}
|
||||
return urlEncode(content, charset != null ? Charset.forName(charset) : StandardCharsets.UTF_8, URLENCODER, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Encode/escape www-url-form-encoded content.
|
||||
* <p>
|
||||
|
|
|
@ -351,46 +351,46 @@ public class TestURLEncodedUtils {
|
|||
@Test
|
||||
public void testFormatString() throws Exception { // as above, using String
|
||||
final List <NameValuePair> params = new ArrayList<>();
|
||||
Assert.assertEquals(0, URLEncodedUtils.format(params, "US-ASCII").length());
|
||||
Assert.assertEquals(0, URLEncodedUtils.format(params, StandardCharsets.US_ASCII).length());
|
||||
|
||||
params.clear();
|
||||
params.add(new BasicNameValuePair("Name0", null));
|
||||
Assert.assertEquals("Name0", URLEncodedUtils.format(params, "US-ASCII"));
|
||||
Assert.assertEquals("Name0", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||
|
||||
params.clear();
|
||||
params.add(new BasicNameValuePair("Name1", "Value1"));
|
||||
Assert.assertEquals("Name1=Value1", URLEncodedUtils.format(params, "US-ASCII"));
|
||||
Assert.assertEquals("Name1=Value1", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||
|
||||
params.clear();
|
||||
params.add(new BasicNameValuePair("Name2", ""));
|
||||
Assert.assertEquals("Name2=", URLEncodedUtils.format(params, "US-ASCII"));
|
||||
Assert.assertEquals("Name2=", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||
|
||||
params.clear();
|
||||
params.add(new BasicNameValuePair("Name4", "Value 4&"));
|
||||
Assert.assertEquals("Name4=Value+4%26", URLEncodedUtils.format(params, "US-ASCII"));
|
||||
Assert.assertEquals("Name4=Value+4%26", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||
|
||||
params.clear();
|
||||
params.add(new BasicNameValuePair("Name4", "Value+4&"));
|
||||
Assert.assertEquals("Name4=Value%2B4%26", URLEncodedUtils.format(params, "US-ASCII"));
|
||||
Assert.assertEquals("Name4=Value%2B4%26", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||
|
||||
params.clear();
|
||||
params.add(new BasicNameValuePair("Name4", "Value 4& =4"));
|
||||
Assert.assertEquals("Name4=Value+4%26+%3D4", URLEncodedUtils.format(params, "US-ASCII"));
|
||||
Assert.assertEquals("Name4=Value+4%26+%3D4", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||
|
||||
params.clear();
|
||||
params.add(new BasicNameValuePair("Name5", "aaa"));
|
||||
params.add(new BasicNameValuePair("Name6", "bbb"));
|
||||
Assert.assertEquals("Name5=aaa&Name6=bbb", URLEncodedUtils.format(params, "US-ASCII"));
|
||||
Assert.assertEquals("Name5=aaa&Name6=bbb", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||
|
||||
params.clear();
|
||||
params.add(new BasicNameValuePair("Name7", "aaa"));
|
||||
params.add(new BasicNameValuePair("Name7", "b,b"));
|
||||
params.add(new BasicNameValuePair("Name7", "ccc"));
|
||||
Assert.assertEquals("Name7=aaa&Name7=b%2Cb&Name7=ccc", URLEncodedUtils.format(params, "US-ASCII"));
|
||||
Assert.assertEquals("Name7=aaa&Name7=b%2Cb&Name7=ccc", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||
|
||||
params.clear();
|
||||
params.add(new BasicNameValuePair("Name8", "xx, yy ,zz"));
|
||||
Assert.assertEquals("Name8=xx%2C++yy++%2Czz", URLEncodedUtils.format(params, "US-ASCII"));
|
||||
Assert.assertEquals("Name8=xx%2C++yy++%2Czz", URLEncodedUtils.format(params, StandardCharsets.US_ASCII));
|
||||
}
|
||||
|
||||
private List <NameValuePair> parse (final String params) {
|
||||
|
@ -398,7 +398,7 @@ public class TestURLEncodedUtils {
|
|||
}
|
||||
|
||||
private List <NameValuePair> parseString (final String uri) throws Exception {
|
||||
return URLEncodedUtils.parse(new URI("?"+uri), "UTF-8");
|
||||
return URLEncodedUtils.parse(new URI("?"+uri), StandardCharsets.UTF_8);
|
||||
}
|
||||
|
||||
private static void assertNameValuePair (
|
||||
|
|
Loading…
Reference in New Issue