[prev in list] [next in list] [prev in thread] [next in thread]
List: httpcomponents-commits
Subject: [httpcomponents-client] 01/01: Incorrect handling of malformed authority component by URIUtils#extra
From: olegk () apache ! org
Date: 2020-09-30 8:50:31
Message-ID: 20200930085030.C135C82908 () gitbox ! apache ! org
[Download RAW message or body]
This is an automated email from the ASF dual-hosted git repository.
olegk pushed a commit to branch 5.0.x
in repository https://gitbox.apache.org/repos/asf/httpcomponents-client.git
commit 894234a5aeb9958e7e466c383e4d0ded17a9a813
Author: Oleg Kalnichevski <olegk@apache.org>
AuthorDate: Tue Sep 29 09:37:38 2020 +0200
Incorrect handling of malformed authority component by URIUtils#extractHost
---
.../org/apache/hc/client5/http/utils/URIUtils.java | 69 +++++++++-------------
.../apache/hc/client5/http/utils/TestURIUtils.java | 6 +-
2 files changed, 32 insertions(+), 43 deletions(-)
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/utils/URIUtils.java \
b/httpclient5/src/main/java/org/apache/hc/client5/http/utils/URIUtils.java index \
bf53275..9ef8112 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/utils/URIUtils.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/utils/URIUtils.java
@@ -250,56 +250,43 @@ public class URIUtils {
if (uri == null) {
return null;
}
- HttpHost target = null;
if (uri.isAbsolute()) {
- int port = uri.getPort(); // may be overridden later
- String host = uri.getHost();
- if (host == null) { // normal parse failed; let's do it ourselves
+ if (uri.getHost() == null) { // normal parse failed; let's do it \
ourselves
// authority does not seem to care about the valid character-set for \
host names
- host = uri.getAuthority();
- if (host != null) {
+ if (uri.getAuthority() != null) {
+ String content = uri.getAuthority();
// Strip off any leading user credentials
- final int at = host.indexOf('@');
- if (at >= 0) {
- if (host.length() > at+1 ) {
- host = host.substring(at+1);
- } else {
- host = null; // @ on its own
- }
+ int at = content.indexOf('@');
+ if (at != -1) {
+ content = content.substring(at + 1);
}
- // Extract the port suffix, if present
- if (host != null) {
- final int colon = host.indexOf(':');
- if (colon >= 0) {
- final int pos = colon + 1;
- int len = 0;
- for (int i = pos; i < host.length(); i++) {
- if (Character.isDigit(host.charAt(i))) {
- len++;
- } else {
- break;
- }
- }
- if (len > 0) {
- try {
- port = Integer.parseInt(host.substring(pos, pos \
+ len));
- } catch (final NumberFormatException ex) {
- }
- }
- host = host.substring(0, colon);
+ final String scheme = uri.getScheme();
+ final String hostname;
+ final int port;
+ at = content.indexOf(":");
+ if (at != -1) {
+ hostname = content.substring(0, at);
+ try {
+ final String portText = content.substring(at + 1);
+ port = !TextUtils.isEmpty(portText) ? \
Integer.parseInt(portText) : -1; + } catch (final \
NumberFormatException ex) { + return null;
}
+ } else {
+ hostname = content;
+ port = -1;
+ }
+ try {
+ return new HttpHost(scheme, hostname, port);
+ } catch (final IllegalArgumentException ex) {
+ return null;
}
}
- }
- final String scheme = uri.getScheme();
- if (!TextUtils.isBlank(host)) {
- try {
- target = new HttpHost(scheme, host, port);
- } catch (final IllegalArgumentException ignore) {
- }
+ } else {
+ return new HttpHost(uri.getScheme(), uri.getHost(), uri.getPort());
}
}
- return target;
+ return null;
}
/**
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/utils/TestURIUtils.java \
b/httpclient5/src/test/java/org/apache/hc/client5/http/utils/TestURIUtils.java index \
e2d0340..6912840 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/utils/TestURIUtils.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/utils/TestURIUtils.java
@@ -230,14 +230,16 @@ public class TestURIUtils {
Assert.assertEquals(new HttpHost("localhost",8080),
URIUtils.extractHost(new \
URI("http://localhost:8080/;sessionid=stuff/abcd")));
- Assert.assertEquals(new HttpHost("localhost",8080),
+ Assert.assertEquals(null,
URIUtils.extractHost(new \
URI("http://localhost:8080;sessionid=stuff/abcd")));
- Assert.assertEquals(new HttpHost("localhost",-1),
+ Assert.assertEquals(null,
URIUtils.extractHost(new \
URI("http://localhost:;sessionid=stuff/abcd"))); Assert.assertEquals(null,
URIUtils.extractHost(new URI("http://:80/robots.txt")));
Assert.assertEquals(null,
URIUtils.extractHost(new \
URI("http://some%20domain:80/robots.txt"))); + Assert.assertEquals(null,
+ URIUtils.extractHost(new \
URI("http://blah@goggle.com:80@google.com/"))); }
@Test
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic