Author: markt Date: Wed May 21 12:20:23 2014 New Revision: 1596551 URL: http://svn.apache.org/r1596551 Log: Apply patch 02 from jboynes to improve cookie handling. Refactor cookie tests to test each CookieNameValidator directly. I made a few additional changes. The patch should be safe since it only impacts the unit tests.
Added: tomcat/trunk/test/javax/servlet/http/TestCookieNetscapeValidator.java (with props) tomcat/trunk/test/javax/servlet/http/TestCookieRFC2109Validator.java (with props) Modified: tomcat/trunk/test/javax/servlet/http/TestCookie.java tomcat/trunk/test/javax/servlet/http/TestCookieStrict.java Modified: tomcat/trunk/test/javax/servlet/http/TestCookie.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/javax/servlet/http/TestCookie.java?rev=1596551&r1=1596550&r2=1596551&view=diff ============================================================================== --- tomcat/trunk/test/javax/servlet/http/TestCookie.java (original) +++ tomcat/trunk/test/javax/servlet/http/TestCookie.java Wed May 21 12:20:23 2014 @@ -30,8 +30,6 @@ public class TestCookie { public static final BitSet SEPARATORS; public static final BitSet TOKEN; // 1*<any CHAR except CTLs or separators> - public static final BitSet NETSCAPE_NAME; // "any character except comma, semicolon and whitespace" - static { CHAR = new BitSet(256); CHAR.set(0, 128); @@ -49,13 +47,6 @@ public class TestCookie { TOKEN.or(CHAR); // any CHAR TOKEN.andNot(CTL); // except CTLs TOKEN.andNot(SEPARATORS); // or separators - - NETSCAPE_NAME = new BitSet(256); - NETSCAPE_NAME.or(CHAR); - NETSCAPE_NAME.andNot(CTL); - NETSCAPE_NAME.clear(';'); - NETSCAPE_NAME.clear(','); - NETSCAPE_NAME.clear(' '); } @Test @@ -75,10 +66,6 @@ public class TestCookie { Assert.assertEquals(0, cookie.getVersion()); } - @Test - public void actualCharactersAllowedInName() { - checkCharInName(NETSCAPE_NAME); - } @Test(expected = IllegalArgumentException.class) public void leadingDollar() { 
@@ -140,20 +127,27 @@ public class TestCookie { Assert.assertEquals("HttpOnly", cookie.getName()); } - public static void checkCharInName(BitSet allowed) { + @Test + public void strictNamingImpliesRFC2109() { + // Not using strict naming here so this should be OK + @SuppressWarnings("unused") + Cookie cookie = new Cookie("@Foo", null); + } + + public static void checkCharInName(CookieNameValidator validator, BitSet allowed) { for (char ch = 0; ch < allowed.size(); ch++) { - Boolean expected = Boolean.valueOf(allowed.get(ch)); + boolean expected = allowed.get(ch); String name = "X" + ch + "X"; - Boolean actual; try { - @SuppressWarnings("unused") - Cookie c = new Cookie(name, null); - actual = Boolean.TRUE; + validator.validate(name); + if (!expected) { + Assert.fail(String.format("Char %d should not be allowed", Integer.valueOf(ch))); + } } catch (IllegalArgumentException e) { - actual = Boolean.FALSE; + if (expected) { + Assert.fail(String.format("Char %d should be allowed", Integer.valueOf(ch))); + } } - String msg = String.format("Check for char %d in name", Integer.valueOf(ch)); - Assert.assertEquals(msg, expected, actual); } } } Added: tomcat/trunk/test/javax/servlet/http/TestCookieNetscapeValidator.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/javax/servlet/http/TestCookieNetscapeValidator.java?rev=1596551&view=auto ============================================================================== --- tomcat/trunk/test/javax/servlet/http/TestCookieNetscapeValidator.java (added) +++ tomcat/trunk/test/javax/servlet/http/TestCookieNetscapeValidator.java Wed May 21 12:20:23 2014 
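Review bot: The `strictNamingImpliesRFC2109` test added to TestCookie has no explicit assertion and a name that describes the opposite case. It passes only because `org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING` is unset when Cookie chooses its validator. TestCookieStrict sets that property JVM-wide in a static initializer, so if the two classes ever share a process the outcome presumably depends on load order (how the runner forks is not visible here). I would rename it, e.g. `defaultNamingAllowsAtSign`, and extend the comment to `// Relies on STRICT_NAMING being unset for this JVM; '@' is legal under the Netscape rules`. Separately, the `checkCharInName` loop is bounded by `allowed.size()`, which is the BitSet's allocated capacity, so a one-line comment stating that only chars 0-255 are swept would make the coverage explicit.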
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package javax.servlet.http;
+
+import java.util.BitSet;
+
+import org.junit.Test;
+
+/**
+ * Basic tests for Cookie in default configuration.
+ */
+public class TestCookieNetscapeValidator {
+
+ private NetscapeValidator validator = new NetscapeValidator();
+
+ @Test
+ public void actualCharactersAllowedInName() {
+ // "any character except comma, semicolon and whitespace"
+ BitSet allowed = new BitSet(256);
+ allowed.or(TestCookie.CHAR);
+ allowed.andNot(TestCookie.CTL);
+ allowed.clear(';');
+ allowed.clear(',');
+ allowed.clear(' ');
+ TestCookie.checkCharInName(validator, allowed);
+ }
+}
Propchange: tomcat/trunk/test/javax/servlet/http/TestCookieNetscapeValidator.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: tomcat/trunk/test/javax/servlet/http/TestCookieRFC2109Validator.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/javax/servlet/http/TestCookieRFC2109Validator.java?rev=1596551&view=auto
==============================================================================
--- tomcat/trunk/test/javax/servlet/http/TestCookieRFC2109Validator.java (added)
+++ 
tomcat/trunk/test/javax/servlet/http/TestCookieRFC2109Validator.java Wed May 21 12:20:23 2014 
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package javax.servlet.http;
+
+import org.junit.Test;
+
+/**
+ * Basic tests for Cookie in default configuration.
+ */
+public class TestCookieRFC2109Validator {
+ static {
+ System.setProperty("org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR", "true");
+ }
+
+ private RFC2109Validator validator = new RFC2109Validator();
+
+ @Test
+ public void actualCharactersAllowedInName() {
+ TestCookie.checkCharInName(validator, TestCookie.TOKEN);
+ }
+}
Propchange: tomcat/trunk/test/javax/servlet/http/TestCookieRFC2109Validator.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: tomcat/trunk/test/javax/servlet/http/TestCookieStrict.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/javax/servlet/http/TestCookieStrict.java?rev=1596551&r1=1596550&r2=1596551&view=diff
==============================================================================
--- tomcat/trunk/test/javax/servlet/http/TestCookieStrict.java (original)
+++ tomcat/trunk/test/javax/servlet/http/TestCookieStrict.java Wed May 21 12:20:23 2014
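Review bot: The static initializer sets `org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR` for the whole JVM and never clears it, so any test that later runs in the same process inherits the setting. Presumably RFC2109Validator reads the property when it is loaded or constructed (not visible here), which would make the comparison against `TestCookie.TOKEN` depend on this initializer running first. A comment such as `// Must be set before RFC2109Validator is created; the sweep expects '/' to be rejected` would record that assumption. Only the `true` setting is exercised, so the validator's treatment of '/' in a name under the default setting is left untested. The class Javadoc `Basic tests for Cookie in default configuration.` looks copied and also appears in TestCookieNetscapeValidator; both should name the validator under test.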
@@ -25,7 +25,6 @@ import org.junit.Test; public class TestCookieStrict { static { System.setProperty("org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING", "true"); - System.setProperty("org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR", "true"); } @Test @@ -37,8 +36,9 @@ public class TestCookieStrict { Assert.assertEquals(-1, cookie.getMaxAge()); } - @Test - public void actualCharactersAllowedInName() { - TestCookie.checkCharInName(TestCookie.TOKEN); + @Test(expected = IllegalArgumentException.class) + public void strictNamingImpliesRFC2109() { + @SuppressWarnings("unused") + Cookie cookie = new Cookie("@Foo", null); } } --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
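Review bot: With the character sweep moved to the validator tests, `strictNamingImpliesRFC2109` in the second hunk is now the only check that `new Cookie(...)` actually selects the stricter validator when `STRICT_NAMING` is true, and it rests on the single name `"@Foo"`. The choice of '@' deserves a comment, e.g. `// '@' is an RFC 2109 separator but is accepted by the Netscape rules, so it tells the two validators apart`. The first hunk also drops `FWD_SLASH_IS_SEPARATOR` from this class, so nothing here pins how '/' in a cookie name is handled through the constructor under strict naming. One extra case for that would keep the end-to-end path covered.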