This is an automated email from the ASF dual-hosted git repository. pedro pushed a commit to branch wicket-8.x in repository https://gitbox.apache.org/repos/asf/wicket.git
commit 87af5c2d1ba14448045193a5f56560f5a7e40af0 Author: Pedro Santos <[email protected]> AuthorDate: Thu Jan 9 22:26:20 2025 -0300 WICKET-7137 sanitizer tests --- .../request/resource/ResourceUrlSanitizerTest.java | 75 ++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/wicket-core/src/test/java/org/apache/wicket/request/resource/ResourceUrlSanitizerTest.java b/wicket-core/src/test/java/org/apache/wicket/request/resource/ResourceUrlSanitizerTest.java new file mode 100644 index 0000000000..7121013913 --- /dev/null +++ b/wicket-core/src/test/java/org/apache/wicket/request/resource/ResourceUrlSanitizerTest.java @@ -0,0 +1,75 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.wicket.request.resource; + +import org.apache.wicket.util.tester.WicketTestCase; +import org.junit.Test; + +/** + * @author Pedro Santos + */ +public class ResourceUrlSanitizerTest extends WicketTestCase +{ + + @Test + public void appCanRunWithNoSanitizer() + { + + tester.getApplication().getResourceSettings().setUrlSanitizer(null); + + tester.executeUrl( + "wicket/resource/org.apache.wicket.request.resource.PackageResourceReferenceTest/a.css"); + + assertFalse(tester.getLastResponseAsString().isEmpty()); + } + + @Test + public void createAResourceOutsideTheCache() + { + + tester.getApplication().getResourceSettings() + .setUrlSanitizer(new PackageResourceUrlSanitizer()); + + tester.executeUrl( + "wicket/resource/org.apache.wicket.request.resource.PackageResourceReferenceTest/a.css"); + + assertFalse(tester.getLastResponseAsString().isEmpty()); + } + + @Test + public void dontCreateAResourceOutsideTheCache() + { + + tester.getApplication().getResourceSettings().setUrlSanitizer(new EveryInputAsDirty()); + + tester.executeUrl( + "wicket/resource/org.apache.wicket.request.resource.PackageResourceReferenceTest/a.css"); + + assertTrue(tester.getLastResponseAsString().isEmpty()); + } + + static class EveryInputAsDirty implements IResourceUrlSanitizer + { + @Override + public ResourceReference.UrlAttributes sanitize( + ResourceReference.UrlAttributes urlAttributes, Class<?> scope, String name) + { + return null; + } + } + +} \ No newline at end of file
