Properly expand URI vars with regex
Before this commit UriComponents was capable of expanding URI vars that
may have contained a regular expressions (as supported with
@RequestMapping for example). However if the regular expressions
contained any nested "{}" the expand did not work correctly.
This commit sanitizes a URI template source removing any content
between nested "{}" prior to expanding. This works since we only care
about the URI variable name.
Issue: SPR-13311
This commit is contained in:
@@ -219,6 +219,9 @@ public abstract class UriComponents implements Serializable {
|
||||
if (source.indexOf('{') == -1) {
|
||||
return source;
|
||||
}
|
||||
if (source.indexOf(':') != -1) {
|
||||
source = sanitizeSource(source);
|
||||
}
|
||||
Matcher matcher = NAMES_PATTERN.matcher(source);
|
||||
StringBuffer sb = new StringBuffer();
|
||||
while (matcher.find()) {
|
||||
@@ -236,6 +239,27 @@ public abstract class UriComponents implements Serializable {
|
||||
return sb.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove nested "{}" such as in URI vars with regular expressions.
|
||||
*/
|
||||
private static String sanitizeSource(String source) {
|
||||
int level = 0;
|
||||
StringBuilder sb = new StringBuilder();
|
||||
for (char c : source.toCharArray()) {
|
||||
if (c == '{') {
|
||||
level++;
|
||||
}
|
||||
if (c == '}') {
|
||||
level--;
|
||||
}
|
||||
if (level > 1 || (level == 1 && c == '}')) {
|
||||
continue;
|
||||
}
|
||||
sb.append(c);
|
||||
}
|
||||
return sb.toString();
|
||||
}
|
||||
|
||||
private static String getVariableName(String match) {
|
||||
int colonIdx = match.indexOf(':');
|
||||
return (colonIdx != -1 ? match.substring(0, colonIdx) : match);
|
||||
|
||||
Reference in New Issue
Block a user