SEC-2888 AntPathRequestMatcher ignores variables in pattern when pattern

finishes with /**
2015-03-01 14:56:48 -05:00 · 2015-03-01 14:56:48 -05:00 · 85955015f7
parent e776a1fd35
commit 85955015f7
2 changed files with 24 additions and 3 deletions
--- a/web/src/main/java/org/springframework/security/web/util/matcher/AntPathRequestMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/util/matcher/AntPathRequestMatcher.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2012 the original author or authors.
+ * Copyright 2002-2015 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
@ -102,8 +102,9 @@ public final class AntPathRequestMatcher implements RequestMatcher {
                pattern = pattern.toLowerCase();
            }

-            // If the pattern ends with {@code /**} and has no other wildcards, then optimize to a sub-path match
-            if (pattern.endsWith(MATCH_ALL) && pattern.indexOf('?') == -1 &&
+            // If the pattern ends with {@code /**} and has no other wildcards or path variables, then optimize to a sub-path match
+            // TODO: use spring-framework  AntPathMatcher.VARIABLE_PATTERN instead.           
+            if (pattern.endsWith(MATCH_ALL) && (pattern.indexOf('?') == -1 && pattern.indexOf('{') == -1 && pattern.indexOf('}') == -1) &&
                    pattern.indexOf("*") == pattern.length() - 2) {
                matcher = new SubpathMatcher(pattern.substring(0, pattern.length() - 3));
            } else {
--- a/web/src/test/java/org/springframework/security/web/util/matcher/AntPathRequestMatcherTests.java
+++ b/web/src/test/java/org/springframework/security/web/util/matcher/AntPathRequestMatcherTests.java
@ -71,6 +71,26 @@ public class AntPathRequestMatcherTests {
        assertTrue(matcher.matches(createRequest("/blah/blah")));
        assertFalse(matcher.matches(createRequest("/blah/bleh")));
        assertTrue(matcher.matches(createRequest("/blah/aaa/blah/bbb")));
+
+        matcher = new AntPathRequestMatcher("/{id}/blAh/**");
+        assertTrue(matcher.matches(createRequest("/1234/blah")));
+        assertFalse(matcher.matches(createRequest("/4567/bleh")));
+        assertTrue(matcher.matches(createRequest("/paskos/blah/")));
+        assertTrue(matcher.matches(createRequest("/12345/blah/xxx")));
+        assertFalse(matcher.matches(createRequest("/12345/blaha")));
+        assertFalse(matcher.matches(createRequest("/paskos/bleh/")));
+
+    }
+
+    @Test
+    public void trailingWildcardWithVariableMatchesCorrectly() {
+        AntPathRequestMatcher matcher = new AntPathRequestMatcher("/{id}/blAh/**");
+        assertTrue(matcher.matches(createRequest("/1234/blah")));
+        assertFalse(matcher.matches(createRequest("/4567/bleh")));
+        assertTrue(matcher.matches(createRequest("/paskos/blah/")));
+        assertTrue(matcher.matches(createRequest("/12345/blah/xxx")));
+        assertFalse(matcher.matches(createRequest("/12345/blaha")));
+        assertFalse(matcher.matches(createRequest("/paskos/bleh/")));
    }

    @Test