SPR-6188 - UriTemplate: Insufficient handling of characters that need to be escaped.

This commit is contained in:
Arjen Poutsma
2009-11-13 01:27:54 +00:00
parent 8be36fafef
commit 60d2fdfcea
7 changed files with 454 additions and 152 deletions

View File

@@ -25,6 +25,7 @@ import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.io.UnsupportedEncodingException;
import org.springframework.util.Assert;
@@ -175,48 +176,12 @@ public class UriTemplate {
private static URI encodeUri(String uri) {
try {
int schemeIdx = uri.indexOf(':');
if (schemeIdx == -1) {
int queryIdx = uri.indexOf('?');
if (queryIdx == -1) {
int fragmentIdx = uri.indexOf('#');
if (fragmentIdx == -1) {
return new URI(null, null, uri, null);
}
else {
String path = uri.substring(0, fragmentIdx);
String fragment = uri.substring(fragmentIdx + 1);
return new URI(null, null, path, fragment);
}
}
else {
int fragmentIdx = uri.indexOf('#', queryIdx + 1);
if (fragmentIdx == -1) {
String path = uri.substring(0, queryIdx);
String query = uri.substring(queryIdx + 1);
return new URI(null, null, path, query, null);
}
else {
String path = uri.substring(0, queryIdx);
String query = uri.substring(queryIdx + 1, fragmentIdx);
String fragment = uri.substring(fragmentIdx + 1);
return new URI(null, null, path, query, fragment);
}
}
}
else {
int fragmentIdx = uri.indexOf('#', schemeIdx + 1);
String scheme = uri.substring(0, schemeIdx);
if (fragmentIdx == -1) {
String ssp = uri.substring(schemeIdx + 1);
return new URI(scheme, ssp, null);
}
else {
String ssp = uri.substring(schemeIdx + 1, fragmentIdx);
String fragment = uri.substring(fragmentIdx + 1);
return new URI(scheme, ssp, fragment);
}
}
String encoded = UriUtils.encodeUri(uri, "UTF-8");
return new URI(encoded);
}
catch (UnsupportedEncodingException ex) {
// should not happen, UTF-8 is always supported
throw new IllegalStateException(ex);
}
catch (URISyntaxException ex) {
throw new IllegalArgumentException("Could not create URI from [" + uri + "]: " + ex);

View File

@@ -19,63 +19,340 @@ package org.springframework.web.util;
import java.io.ByteArrayOutputStream;
import java.io.UnsupportedEncodingException;
import java.util.BitSet;
import java.util.regex.Pattern;
import java.util.regex.Matcher;
import org.springframework.util.Assert;
/**
* Utility class for URI encoding. Based on RFC 2396.
* Utility class for URI encoding and decoding based on RFC 3986. Offers encoding methods for
* the various URI components.
*
* <p>Effectively, the encoding and decoding methods in this class
* are similar to those found in {@link java.net.URLEncoder} and
* {@link java.net.URLDecoder}, except that the space character
* is encoded as {@code %20}, not {@code +}.
* <p>All {@code encode*(String, String} methods in this class operate in a similar way:
* <ul>
* <li>Valid characters for the specific URI component as defined in RFC 3986 stay the same.
* <li>All other characters are converted into one or more bytes in the given encoding scheme.
* Each of the resulting bytes is written as a hexadecimal string in the "<code>%<i>xy</i></code>" format.
* </ul>
*
* @author Arjen Poutsma
* @since 3.0
* @see <a href="http://www.ietf.org/rfc/rfc2396.txt">RFC 2396</a>
* @see <a href="http://www.ietf.org/rfc/rfc3986.txt">RFC 3986</a>
*/
public abstract class UriUtils {
private static final BitSet notEncoded = new BitSet(256);
private static final BitSet SCHEME;
private static final BitSet USER_INFO;
private static final BitSet HOST;
private static final BitSet PORT;
private static final BitSet PATH;
private static final BitSet SEGMENT;
private static final BitSet QUERY;
private static final BitSet QUERY_PARAM;
private static final BitSet FRAGMENT;
private static final String SCHEME_PATTERN = "([^:/?#]+):";
private static final String USERINFO_PATTERN = "([^@]*)";
private static final String HOST_PATTERN = "([^/?#:]*)";
private static final String PORT_PATTERN = "(\\d*)";
private static final String PATH_PATTERN = "([^?#]*)";
private static final String QUERY_PATTERN = "([^#]*)";
private static final String FRAGMENT_PATTERN = "(.*)";
// Regex patterns that matches URIs. See RFC 3986, appendix B
private static final Pattern URI_PATTERN =
Pattern.compile("^(" + SCHEME_PATTERN + ")?" +
"(//(" + USERINFO_PATTERN + "@)?" + HOST_PATTERN + "(:" + PORT_PATTERN + ")?" + ")?"
+ PATH_PATTERN +
"(\\?" + QUERY_PATTERN + ")?" +
"(#" + FRAGMENT_PATTERN + ")?");
static {
// variable names refer to RFC 3986, appendix A
BitSet alpha = new BitSet(256);
for (int i = 'a'; i <= 'z'; i++) {
notEncoded.set(i);
alpha.set(i);
}
for (int i = 'A'; i <= 'Z'; i++) {
notEncoded.set(i);
alpha.set(i);
}
BitSet digit = new BitSet(256);
for (int i = '0'; i <= '9'; i++) {
notEncoded.set(i);
digit.set(i);
}
notEncoded.set('-');
notEncoded.set('_');
notEncoded.set('.');
notEncoded.set('*');
BitSet gendelims = new BitSet(256);
gendelims.set(':');
gendelims.set('/');
gendelims.set('?');
gendelims.set('#');
gendelims.set('[');
gendelims.set(']');
gendelims.set('@');
BitSet subdelims = new BitSet(256);
subdelims.set('!');
subdelims.set('$');
subdelims.set('&');
subdelims.set('\'');
subdelims.set('(');
subdelims.set(')');
subdelims.set('*');
subdelims.set('+');
subdelims.set(',');
subdelims.set(';');
subdelims.set('=');
BitSet reserved = new BitSet(256);
reserved.or(gendelims);
reserved.or(subdelims);
BitSet unreserved = new BitSet(256);
unreserved.or(alpha);
unreserved.or(digit);
unreserved.set('-');
unreserved.set('.');
unreserved.set('_');
unreserved.set('~');
SCHEME = new BitSet(256);
SCHEME.or(alpha);
SCHEME.or(digit);
SCHEME.set('+');
SCHEME.set('-');
SCHEME.set('.');
USER_INFO = new BitSet(256);
USER_INFO.or(unreserved);
USER_INFO.or(subdelims);
USER_INFO.set(':');
HOST = new BitSet(256);
HOST.or(unreserved);
HOST.or(subdelims);
PORT = new BitSet(256);
PORT.or(digit);
BitSet pchar = new BitSet(256);
pchar.or(unreserved);
pchar.or(subdelims);
pchar.set(':');
pchar.set('@');
SEGMENT = new BitSet(256);
SEGMENT.or(pchar);
PATH = new BitSet(256);
PATH.or(SEGMENT);
PATH.set('/');
QUERY = new BitSet(256);
QUERY.or(pchar);
QUERY.set('/');
QUERY.set('?');
QUERY_PARAM = new BitSet(256);
QUERY_PARAM.or(pchar);
QUERY_PARAM.set('/');
QUERY_PARAM.set('?');
QUERY_PARAM.clear('=');
QUERY_PARAM.clear('+');
QUERY_PARAM.clear('&');
FRAGMENT = new BitSet(256);
FRAGMENT.or(pchar);
FRAGMENT.set('/');
FRAGMENT.set('?');
}
/**
* Encodes the given source URI into an encoded String. Based on the following
* rules:
* <ul>
* <li>Alphanumeric characters {@code "a"} through {@code "z"},
* {@code "A"} through {@code "Z"}, and {@code "0"} through {@code "9"}
* stay the same.
* <li>Special characters {@code "-"}, {@code "_"}, {@code "."}, and
* {@code "*"} stay the same.
* <li>All other characters are converted into one or more bytes using the
* given encoding scheme. Each of the resulting bytes is written as a
* hexadecimal string in the "<code>%<i>xy</i></code>" format.
* </ul>
* Encodes the given source URI into an encoded String. All various URI components are encoded according to
* their respective valid character sets.
*
* @param source the String to be encoded
* @param encoding the encoding to use
* @return the encoded string
* @param uri the URI to be encoded
* @param encoding the character encoding to encode to
* @return the encoded URI
* @throws IllegalArgumentException when the given uri parameter is not a valid URI
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
* @see java.net.URLEncoder#encode(String, String)
*/
public static String encode(String source, String encoding) throws UnsupportedEncodingException {
public static String encodeUri(String uri, String encoding) throws UnsupportedEncodingException {
Assert.notNull(uri, "'uri' must not be null");
Assert.hasLength(encoding, "'encoding' must not be empty");
Matcher m = URI_PATTERN.matcher(uri);
if (m.matches()) {
String scheme = m.group(2);
String authority = m.group(3);
String userinfo = m.group(5);
String host = m.group(6);
String port = m.group(8);
String path = m.group(9);
String query = m.group(11);
String fragment = m.group(13);
StringBuilder sb = new StringBuilder();
if (scheme != null) {
sb.append(encodeScheme(scheme, encoding));
sb.append(':');
}
if (authority != null) {
sb.append("//");
if (userinfo != null) {
sb.append(encodeUserInfo(userinfo, encoding));
sb.append('@');
}
if (host != null) {
sb.append(encodeHost(host, encoding));
}
if (port != null) {
sb.append(':');
sb.append(encodePort(port, encoding));
}
}
sb.append(encodePath(path, encoding));
if (query != null) {
sb.append('?');
sb.append(encodeQuery(query, encoding));
}
if (fragment != null) {
sb.append('#');
sb.append(encodeFragment(fragment, encoding));
}
return sb.toString();
} else {
throw new IllegalArgumentException("[" + uri + "] is not a valid URI");
}
}
/**
* Encodes the given URI scheme.
*
* @param scheme the scheme to be encoded
* @param encoding the character encoding to encode to
* @return the encoded scheme
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
*/
public static String encodeScheme(String scheme, String encoding) throws UnsupportedEncodingException {
return encode(scheme, encoding, SCHEME);
}
/**
* Encodes the given URI user info.
*
* @param userInfo the user info to be encoded
* @param encoding the character encoding to encode to
* @return the encoded user info
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
*/
public static String encodeUserInfo(String userInfo, String encoding) throws UnsupportedEncodingException {
return encode(userInfo, encoding, USER_INFO);
}
/**
* Encodes the given URI host.
*
* @param host the host to be encoded
* @param encoding the character encoding to encode to
* @return the encoded host
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
*/
public static String encodeHost(String host, String encoding) throws UnsupportedEncodingException {
return encode(host, encoding, HOST);
}
/**
* Encodes the given URI port.
*
* @param port the port to be encoded
* @param encoding the character encoding to encode to
* @return the encoded port
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
*/
public static String encodePort(String port, String encoding) throws UnsupportedEncodingException {
return encode(port, encoding, PORT);
}
/**
* Encodes the given URI path.
*
* @param path the path to be encoded
* @param encoding the character encoding to encode to
* @return the encoded path
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
*/
public static String encodePath(String path, String encoding) throws UnsupportedEncodingException {
return encode(path, encoding, PATH);
}
/**
* Encodes the given URI path segment.
*
* @param segment the segment to be encoded
* @param encoding the character encoding to encode to
* @return the encoded segment
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
*/
public static String encodePathSegment(String segment, String encoding) throws UnsupportedEncodingException {
return encode(segment, encoding, SEGMENT);
}
/**
* Encodes the given URI query.
*
* @param query the query to be encoded
* @param encoding the character encoding to encode to
* @return the encoded query
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
*/
public static String encodeQuery(String query, String encoding) throws UnsupportedEncodingException {
return encode(query, encoding, QUERY);
}
/**
* Encodes the given URI query parameter.
*
* @param query the query parameter to be encoded
* @param encoding the character encoding to encode to
* @return the encoded query parameter
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
*/
public static String encodeQueryParam(String queryParam, String encoding) throws UnsupportedEncodingException {
return encode(queryParam, encoding, QUERY_PARAM);
}
/**
* Encodes the given URI fragment.
*
* @param fragment the fragment to be encoded
* @param encoding the character encoding to encode to
* @return the encoded fragment
* @throws UnsupportedEncodingException when the given encoding parameter is not supported
*/
public static String encodeFragment(String fragment, String encoding) throws UnsupportedEncodingException {
return encode(fragment, encoding, FRAGMENT);
}
private static String encode(String source, String encoding, BitSet notEncoded) throws UnsupportedEncodingException {
Assert.notNull(source, "'source' must not be null");
Assert.hasLength(encoding, "'encoding' must not be empty");
ByteArrayOutputStream bos = new ByteArrayOutputStream(source.length() * 2);