Polish URL Cleanup

This commit is contained in:
Rob Winch
2019-03-21 23:47:38 -05:00
parent d99edd154f
commit 263868f018
39 changed files with 162 additions and 154 deletions

View File

@@ -225,7 +225,7 @@ public class HandlersBeanDefinitionParserTests {
assertThat(interceptors, contains(instanceOf(OriginHandshakeInterceptor.class)));
assertTrue(transportService.shouldSuppressCors());
assertTrue(transportService.getAllowedOrigins().contains("https://mydomain1.com"));
assertTrue(transportService.getAllowedOrigins().contains("/QTifZ/"));
assertTrue(transportService.getAllowedOrigins().contains("https://mydomain2.com"));
}

View File

@@ -184,8 +184,8 @@ public class MessageBrokerBeanDefinitionParserTests {
interceptors = defaultSockJsService.getHandshakeInterceptors();
assertThat(interceptors, contains(instanceOf(FooTestInterceptor.class),
instanceOf(BarTestInterceptor.class), instanceOf(OriginHandshakeInterceptor.class)));
assertTrue(defaultSockJsService.getAllowedOrigins().contains("http://mydomain3.com"));
assertTrue(defaultSockJsService.getAllowedOrigins().contains("http://www.mydomain4.com/"));
assertTrue(defaultSockJsService.getAllowedOrigins().contains("https://mydomain3.com"));
assertTrue(defaultSockJsService.getAllowedOrigins().contains("https://mydomain4.com"));
SimpUserRegistry userRegistry = this.appContext.getBean(SimpUserRegistry.class);
assertNotNull(userRegistry);

View File

@@ -117,7 +117,7 @@ public class OriginHandshakeInterceptorTests extends AbstractHttpRequestTests {
public void sameOriginMatchWithEmptyAllowedOrigins() throws Exception {
Map<String, Object> attributes = new HashMap<>();
WebSocketHandler wsHandler = Mockito.mock(WebSocketHandler.class);
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain2.com");
this.servletRequest.setServerName("mydomain2.com");
OriginHandshakeInterceptor interceptor = new OriginHandshakeInterceptor(Collections.emptyList());
assertTrue(interceptor.beforeHandshake(request, response, wsHandler, attributes));
@@ -128,9 +128,9 @@ public class OriginHandshakeInterceptorTests extends AbstractHttpRequestTests {
public void sameOriginMatchWithAllowedOrigins() throws Exception {
Map<String, Object> attributes = new HashMap<>();
WebSocketHandler wsHandler = Mockito.mock(WebSocketHandler.class);
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain2.com");
this.servletRequest.setServerName("mydomain2.com");
OriginHandshakeInterceptor interceptor = new OriginHandshakeInterceptor(Arrays.asList("https://mydomain1.com"));
OriginHandshakeInterceptor interceptor = new OriginHandshakeInterceptor(Arrays.asList("http://mydomain1.com"));
assertTrue(interceptor.beforeHandshake(request, response, wsHandler, attributes));
assertNotEquals(servletResponse.getStatus(), HttpStatus.FORBIDDEN.value());
}

View File

@@ -114,7 +114,7 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
@Test // SPR-12226 and SPR-12660
public void handleInfoGetWithOrigin() throws IOException {
this.servletRequest.setServerName("mydomain2.com");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain2.com");
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.OK);
assertEquals("application/json;charset=UTF-8", this.servletResponse.getContentType());
@@ -125,17 +125,17 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
assertEquals(",\"origins\":[\"*:*\"],\"cookie_needed\":true,\"websocket\":true}",
body.substring(body.indexOf(',')));
this.service.setAllowedOrigins(Collections.singletonList("https://mydomain1.com"));
this.service.setAllowedOrigins(Collections.singletonList("http://mydomain1.com"));
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.OK);
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/", "http://mydomain3.com"));
this.service.setAllowedOrigins(Arrays.asList("http://mydomain1.com", "http://mydomain2.com", "http://mydomain3.com"));
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.OK);
this.service.setAllowedOrigins(Collections.singletonList("*"));
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.OK);
this.servletRequest.setServerName("mydomain3.com");
this.service.setAllowedOrigins(Collections.singletonList("https://mydomain1.com"));
this.service.setAllowedOrigins(Collections.singletonList("http://mydomain1.com"));
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.FORBIDDEN);
}
@@ -176,17 +176,17 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
@Test // SPR-12226 and SPR-12660
public void handleInfoOptionsWithAllowedOrigin() {
this.servletRequest.setServerName("mydomain2.com");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain2.com");
this.servletRequest.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
this.servletRequest.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS, "Last-Modified");
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.NO_CONTENT);
assertNotNull(this.service.getCorsConfiguration(this.servletRequest));
this.service.setAllowedOrigins(Collections.singletonList("https://mydomain1.com"));
this.service.setAllowedOrigins(Collections.singletonList("http://mydomain1.com"));
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.NO_CONTENT);
assertNotNull(this.service.getCorsConfiguration(this.servletRequest));
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/", "http://mydomain3.com"));
this.service.setAllowedOrigins(Arrays.asList("http://mydomain1.com", "http://mydomain2.com", "http://mydomain3.com"));
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.NO_CONTENT);
assertNotNull(this.service.getCorsConfiguration(this.servletRequest));
@@ -198,7 +198,7 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
@Test // SPR-16304
public void handleInfoOptionsWithForbiddenOrigin() {
this.servletRequest.setServerName("mydomain3.com");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain2.com");
this.servletRequest.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
this.servletRequest.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS, "Last-Modified");
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.FORBIDDEN);
@@ -213,7 +213,7 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
@Test // SPR-12283
public void handleInfoOptionsWithOriginAndCorsHeadersDisabled() {
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain2.com");
this.service.setAllowedOrigins(Collections.singletonList("*"));
this.service.setSuppressCors(true);
@@ -225,7 +225,7 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.FORBIDDEN);
assertNull(this.service.getCorsConfiguration(this.servletRequest));
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/", "http://mydomain3.com"));
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "https://mydomain2.com", "http://mydomain3.com"));
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.NO_CONTENT);
assertNull(this.service.getCorsConfiguration(this.servletRequest));
}

View File

@@ -149,7 +149,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
public void handleTransportRequestXhrAllowedOriginsMatch() throws Exception {
String sockJsPath = sessionUrlPrefix + "xhr";
setRequest("POST", sockJsPrefix + sockJsPath);
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/"));
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "https://mydomain2.com"));
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain1.com");
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
@@ -160,7 +160,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
public void handleTransportRequestXhrAllowedOriginsNoMatch() throws Exception {
String sockJsPath = sessionUrlPrefix + "xhr";
setRequest("POST", sockJsPrefix + sockJsPath);
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/"));
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "https://mydomain2.com"));
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain3.com");
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
@@ -172,7 +172,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
String sockJsPath = sessionUrlPrefix + "xhr";
setRequest("POST", sockJsPrefix + sockJsPath);
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com"));
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain1.com");
this.servletRequest.setServerName("mydomain2.com");
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
@@ -184,7 +184,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
String sockJsPath = sessionUrlPrefix + "invalid";
setRequest("POST", sockJsPrefix + sockJsPath);
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com"));
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain2.com");
this.servletRequest.setServerName("mydomain2.com");
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
@@ -280,7 +280,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
resetRequestAndResponse();
setRequest("GET", sockJsPrefix + sockJsPath);
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain2.com");
wsService.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
assertEquals(403, this.servletResponse.getStatus());
}