This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new dadb9b09b4 clean up org.apache.tomcat.util.http RequestUtil (#818)
dadb9b09b4 is described below
commit dadb9b09b4912e8fcca09fd9edb8a33768badaed
Author: 김민종 <[email protected]>
AuthorDate: Fri Feb 7 00:52:06 2025 +0900
clean up org.apache.tomcat.util.http RequestUtil (#818)
Cleanup RequestUtil with test case
---
java/org/apache/tomcat/util/http/RequestUtil.java | 15 ++++-----------
.../tomcat/util/http/TestRequestUtilSameOrigin.java | 10 ++++++++++
2 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/java/org/apache/tomcat/util/http/RequestUtil.java
b/java/org/apache/tomcat/util/http/RequestUtil.java
index fe4d1e639a..d8bbae5c81 100644
--- a/java/org/apache/tomcat/util/http/RequestUtil.java
+++ b/java/org/apache/tomcat/util/http/RequestUtil.java
@@ -123,19 +123,12 @@ public class RequestUtil {
// Build scheme://host:port from request
StringBuilder target = new StringBuilder();
String scheme = request.getScheme();
- if (scheme == null) {
- return false;
- } else {
- scheme = scheme.toLowerCase(Locale.ENGLISH);
- }
- target.append(scheme);
- target.append("://");
-
String host = request.getServerName();
- if (host == null) {
+ if (scheme == null || host == null) {
return false;
}
- target.append(host);
+ scheme = scheme.toLowerCase(Locale.ENGLISH);
+ target.append(scheme).append("://").append(host);
int port = request.getServerPort();
// Origin may or may not include the (default) port.
@@ -161,7 +154,7 @@ public class RequestUtil {
// Both scheme and host are case-insensitive but the CORS spec states
// this check should be case-sensitive
- return origin.equals(target.toString());
+ return origin.contentEquals(target);
}
diff --git a/test/org/apache/tomcat/util/http/TestRequestUtilSameOrigin.java
b/test/org/apache/tomcat/util/http/TestRequestUtilSameOrigin.java
index e47e7d80d3..40a9bde55a 100644
--- a/test/org/apache/tomcat/util/http/TestRequestUtilSameOrigin.java
+++ b/test/org/apache/tomcat/util/http/TestRequestUtilSameOrigin.java
@@ -42,6 +42,8 @@ public class TestRequestUtilSameOrigin {
TesterRequest request2 = new TesterRequest("ws", "example.com", 80);
TesterRequest request3 = new TesterRequest("http", "example.com", 443);
TesterRequest request4 = new TesterRequest("http", "example.com",
8080);
+ TesterRequest request5 = new TesterRequest(null, "example.com", 80);
+ TesterRequest request6 = new TesterRequest("http", null, 8080);
parameterSets.add(new Object[] { request1, "http://example.com";,
Boolean.TRUE });
parameterSets.add(new Object[] { request1, "http://example.com:80";,
Boolean.TRUE });
@@ -59,6 +61,14 @@ public class TestRequestUtilSameOrigin {
parameterSets.add(new Object[] { request4, "http://example.com:80";,
Boolean.FALSE });
parameterSets.add(new Object[] { request4, "http://example.com:8080";,
Boolean.TRUE});
+ parameterSets.add(new Object[]{ request5, "http://example.com:80";,
Boolean.FALSE});
+ parameterSets.add(new Object[]{ request5, "://example.com:80",
Boolean.FALSE});
+ parameterSets.add(new Object[]{ request5, "example.com:80",
Boolean.FALSE});
+
+ parameterSets.add(new Object[]{ request6, "http://example.com:80";,
Boolean.FALSE});
+ parameterSets.add(new Object[]{ request6, "http://:80";,
Boolean.FALSE});
+ parameterSets.add(new Object[]{ request6, "http://";, Boolean.FALSE});
+
return parameterSets;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
