This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
commit 97aee6d8b0bf532ab5ae92257d8113085456ae6e
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Mon Oct 28 14:24:19 2024 +0100
Improved: small improvements in SecurityUtilTest
Just comments improvements
---
.../src/test/java/org/apache/ofbiz/security/SecurityUtilTest.java | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git
a/framework/security/src/test/java/org/apache/ofbiz/security/SecurityUtilTest.java
b/framework/security/src/test/java/org/apache/ofbiz/security/SecurityUtilTest.java
index 2354a60b0c..7afc7f9966 100644
---
a/framework/security/src/test/java/org/apache/ofbiz/security/SecurityUtilTest.java
+++
b/framework/security/src/test/java/org/apache/ofbiz/security/SecurityUtilTest.java
@@ -64,7 +64,7 @@ public class SecurityUtilTest {
chmod,mkdir,fopen,fclose,new
file,upload,getfilename,download,getoutputstring,readfile,iframe,object,embed,onload,build,\
python,perl ,/perl,ruby
,/ruby,process,function,class,InputStream,to_server,wget
,static,assign,webappPath,\
ifconfig,route,crontab,netstat,uname
,hostname,iptables,whoami,"cmd",*cmd|,+cmd|,=cmd|,localhost,thread,require,gzdeflate,\
- execute,println,calc,touch,curl,base64,tcp
+ execute,println,calc,touch,curl,base64,tcp,4444
*/
try {
List<String> allowed = new ArrayList<>();
@@ -138,7 +138,7 @@ public class SecurityUtilTest {
assertFalse(SecuredUpload.isValidText("hostname", allowed));
assertFalse(SecuredUpload.isValidText("iptables", allowed));
assertFalse(SecuredUpload.isValidText("whoami", allowed));
- // ip, ls, nc, ip, cat and pwd can't be used, too short
+ // ip, ls, nc, ip, cat and pwd can't be used, too short for
allowing some images
assertFalse(SecuredUpload.isValidText("\"cmd\"", allowed));
assertFalse(SecuredUpload.isValidText("*cmd|", allowed));
assertFalse(SecuredUpload.isValidText("+cmd|", allowed));
