svn commit: r1704278 - in /tomcat/trunk: java/org/apache/tomcat/util/descriptor/tld/ test/org/apache/tomcat/util/descriptor/tld/ test/tld/

Mon, 21 Sep 2015 05:05:56 -0700 

Author: markt
Date: Mon Sep 21 12:05:29 2015
New Revision: 1704278

URL: http://svn.apache.org/viewvc?rev=1704278&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58427
Enforce the spec defined limitations of which elements are allowed in an 
implicit.tld file

Added:
    
tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/LocalStrings.properties 
  (with props)
    
tomcat/trunk/test/org/apache/tomcat/util/descriptor/tld/TestImplicitTldParser.java
   (with props)
    tomcat/trunk/test/tld/implicit-bad.tld   (with props)
    tomcat/trunk/test/tld/implicit-good.tld   (with props)
Modified:
    
tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/ImplicitTldRuleSet.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/ImplicitTldRuleSet.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/ImplicitTldRuleSet.java?rev=1704278&r1=1704277&r2=1704278&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/ImplicitTldRuleSet.java 
(original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/ImplicitTldRuleSet.java 
Mon Sep 21 12:05:29 2015
@@ -19,6 +19,7 @@ package org.apache.tomcat.util.descripto
 import org.apache.tomcat.util.digester.Digester;
 import org.apache.tomcat.util.digester.Rule;
 import org.apache.tomcat.util.digester.RuleSetBase;
+import org.apache.tomcat.util.res.StringManager;
 import org.xml.sax.Attributes;
 
 /**
@@ -27,7 +28,15 @@ import org.xml.sax.Attributes;
  * Only version information used and short names are allowed.
  */
 public class ImplicitTldRuleSet extends RuleSetBase {
+
+    private static final StringManager sm = 
StringManager.getManager(ImplicitTldRuleSet.class);
+
     private static final String PREFIX = "taglib";
+    private static final String VALIDATOR_PREFIX = PREFIX + "/validator";
+    private static final String TAG_PREFIX = PREFIX + "/tag";
+    private static final String TAGFILE_PREFIX = PREFIX + "/tag-file";
+    private static final String FUNCTION_PREFIX = PREFIX + "/function";
+
 
     @Override
     public void addRuleInstances(Digester digester) {
@@ -47,5 +56,24 @@ public class ImplicitTldRuleSet extends
         digester.addCallMethod(PREFIX + "/shortname", "setShortName", 0);
         digester.addCallMethod(PREFIX + "/short-name", "setShortName", 0);
 
+        // Elements not permitted
+        digester.addRule(PREFIX + "/uri", new ElementNotAllowedRule());
+        digester.addRule(PREFIX + "/info", new ElementNotAllowedRule());
+        digester.addRule(PREFIX + "/description", new ElementNotAllowedRule());
+        digester.addRule(PREFIX + "/listener/listener-class", new 
ElementNotAllowedRule());
+
+        digester.addRule(VALIDATOR_PREFIX, new ElementNotAllowedRule());
+        digester.addRule(TAG_PREFIX, new ElementNotAllowedRule());
+        digester.addRule(TAGFILE_PREFIX, new ElementNotAllowedRule());
+        digester.addRule(FUNCTION_PREFIX, new ElementNotAllowedRule());
+    }
+
+
+    private static class ElementNotAllowedRule extends Rule {
+        @Override
+        public void begin(String namespace, String name, Attributes 
attributes) throws Exception {
+            throw new IllegalArgumentException(
+                    sm.getString("implicitTldRule.elementNotAllowed", name));
+        }
     }
 }

Added: 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/LocalStrings.properties?rev=1704278&view=auto
==============================================================================
--- 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/LocalStrings.properties 
(added)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/LocalStrings.properties 
Mon Sep 21 12:05:29 2015
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+implicitTldRule.elementNotAllowed=The element [{0}] is not permitted in an 
implicit.tld file
\ No newline at end of file

Propchange: 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/tld/LocalStrings.properties
------------------------------------------------------------------------------
    svn:eol-style = native

Added: 
tomcat/trunk/test/org/apache/tomcat/util/descriptor/tld/TestImplicitTldParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/descriptor/tld/TestImplicitTldParser.java?rev=1704278&view=auto
==============================================================================
--- 
tomcat/trunk/test/org/apache/tomcat/util/descriptor/tld/TestImplicitTldParser.java
 (added)
+++ 
tomcat/trunk/test/org/apache/tomcat/util/descriptor/tld/TestImplicitTldParser.java
 Mon Sep 21 12:05:29 2015
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.util.descriptor.tld;
+
+import java.io.File;
+import java.io.IOException;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import org.xml.sax.SAXException;
+
+public class TestImplicitTldParser {
+    private TldParser parser;
+
+    @Before
+    public void init() {
+        parser = new TldParser(true, true, new ImplicitTldRuleSet(), true);
+    }
+
+    @Test
+    public void testImpicitTldGood() throws Exception {
+        TaglibXml xml = parse("test/tld/implicit-good.tld");
+        Assert.assertEquals("1.0", xml.getTlibVersion());
+        Assert.assertEquals("2.1", xml.getJspVersion());
+        Assert.assertEquals("Ignored", xml.getShortName());
+    }
+
+    @Test
+    public void testImpicitTldBad() throws Exception {
+        TaglibXml xml = parse("test/tld/implicit-bad.tld");
+        Assert.assertEquals("1.0", xml.getTlibVersion());
+        Assert.assertEquals("2.1", xml.getJspVersion());
+        Assert.assertEquals("Ignored", xml.getShortName());
+    }
+
+    private TaglibXml parse(String pathname) throws IOException, SAXException {
+        File file = new File(pathname);
+        TldResourcePath path = new TldResourcePath(file.toURI().toURL(), null);
+        return parser.parse(path);
+    }
+
+}

Propchange: 
tomcat/trunk/test/org/apache/tomcat/util/descriptor/tld/TestImplicitTldParser.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: tomcat/trunk/test/tld/implicit-bad.tld
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/tld/implicit-bad.tld?rev=1704278&view=auto
==============================================================================
--- tomcat/trunk/test/tld/implicit-bad.tld (added)
+++ tomcat/trunk/test/tld/implicit-bad.tld Mon Sep 21 12:05:29 2015
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<taglib xmlns="http://java.sun.com/xml/ns/javaee";
+      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+      xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+      http://java.sun.com/xml/ns/javaee/web-jsptaglibrary_2_1.xsd";
+      version="2.1">
+  <tlib-version>1.0</tlib-version>
+  <short-name>Ignored</short-name>
+  <tag>
+    <name>Foo</name>
+    <tag-class>org.apache.tomcat.ignored.Anything.class</tag-class>
+    <body-content>empty</body-content>
+  </tag>
+</taglib>
\ No newline at end of file

Propchange: tomcat/trunk/test/tld/implicit-bad.tld
------------------------------------------------------------------------------
    svn:eol-style = native

Added: tomcat/trunk/test/tld/implicit-good.tld
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/test/tld/implicit-good.tld?rev=1704278&view=auto
==============================================================================
--- tomcat/trunk/test/tld/implicit-good.tld (added)
+++ tomcat/trunk/test/tld/implicit-good.tld Mon Sep 21 12:05:29 2015
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<taglib xmlns="http://java.sun.com/xml/ns/javaee";
+      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+      xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+      http://java.sun.com/xml/ns/javaee/web-jsptaglibrary_2_1.xsd";
+      version="2.1">
+  <tlib-version>1.0</tlib-version>
+  <short-name>Ignored</short-name>
+</taglib>
\ No newline at end of file

Propchange: tomcat/trunk/test/tld/implicit-good.tld
------------------------------------------------------------------------------
    svn:eol-style = native



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to