Guard against invalid paths in ResourceUrlProvider

This commit makes sure that no `StringIndexOutOfBoundsException` is
thrown when `getForRequestUrl` is called with a URL that's shorter than
the expected context path.

Issue: SPR-16526
This commit is contained in:
Brian Clozel
2018-03-05 15:17:42 +01:00
parent 4f8c4546f1
commit 6d26e61ac7
2 changed files with 17 additions and 3 deletions

View File

@@ -1,5 +1,5 @@
/*
* Copyright 2002-2016 the original author or authors.
* Copyright 2002-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -90,6 +90,16 @@ public class ResourceUrlProviderTests {
assertEquals("/resources/foo.css#hash", resolvedUrl);
}
@Test // SPR-16526
public void getStaticResourceWithMissingContextPath() {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setContextPath("/contextpath-longer-than-request-path");
request.setRequestURI("/contextpath-longer-than-request-path/style.css");
String url = "/resources/foo.css";
String resolvedUrl = this.urlProvider.getForRequestUrl(request, url);
assertNull(resolvedUrl);
}
@Test
public void getFingerprintedResourceUrl() {
Map<String, VersionStrategy> versionStrategyMap = new HashMap<>();