diff --git a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java --- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java +++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java @@ -45,6 +45,8 @@ import java.util.ArrayList; import java.util.Date; import java.util.List; + +import net.sourceforge.jnlp.util.UrlUtils; import net.sourceforge.jnlp.LaunchException; import net.sourceforge.jnlp.PluginBridge; import net.sourceforge.jnlp.cache.ResourceTracker; @@ -96,24 +98,11 @@ public class UnsignedAppletTrustConfirma private static UnsignedAppletActionEntry getMatchingItem(UnsignedAppletActionStorage actionStorage, PluginBridge file) { return actionStorage.getMatchingItem( - normalizeUrlAndStripParams(file.getSourceLocation()).toString(), - normalizeUrlAndStripParams(file.getCodeBase()).toString(), + UrlUtils.normalizeUrlAndStripParams(file.getSourceLocation()).toString(), + UrlUtils.normalizeUrlAndStripParams(file.getCodeBase()).toString(), toRelativePaths(file.getArchiveJars(), file.getCodeBase().toString())); } - static URL normalizeUrlAndStripParams(URL url) { - try { - String[] urlParts = url.toString().split("\\?"); - URL strippedUrl = new URL(urlParts[0]); - return ResourceTracker.normalizeUrl(strippedUrl, false); - } catch (IOException e) { - e.printStackTrace(); - } catch (URISyntaxException e) { - e.printStackTrace(); - } - return url; - } - /* Extract the archives as relative paths */ static List toRelativePaths(List paths, String rootPath) { List fileNames = new ArrayList(); @@ -142,8 +131,8 @@ public class UnsignedAppletTrustConfirma return; } - URL codebase = normalizeUrlAndStripParams(file.getCodeBase()); - URL documentbase = normalizeUrlAndStripParams(file.getSourceLocation()); + URL codebase = UrlUtils.normalizeUrlAndStripParams(file.getCodeBase()); + URL documentbase = UrlUtils.normalizeUrlAndStripParams(file.getSourceLocation()); /* Else, create a new entry */ UrlRegEx codebaseRegex = new UrlRegEx("\\Q" + codebase + "\\E"); diff --git a/netx/net/sourceforge/jnlp/util/UrlUtils.java b/netx/net/sourceforge/jnlp/util/UrlUtils.java --- a/netx/net/sourceforge/jnlp/util/UrlUtils.java +++ b/netx/net/sourceforge/jnlp/util/UrlUtils.java @@ -37,10 +37,27 @@ exception statement from your version. package net.sourceforge.jnlp.util; +import java.io.IOException; +import java.net.URISyntaxException; import java.net.URL; +import net.sourceforge.jnlp.cache.ResourceTracker; + public class UrlUtils { + public static URL normalizeUrlAndStripParams(URL url) { + try { + String[] urlParts = url.toString().split("\\?"); + URL strippedUrl = new URL(urlParts[0]); + return ResourceTracker.normalizeUrl(strippedUrl, false); + } catch (IOException e) { + e.printStackTrace(); + } catch (URISyntaxException e) { + e.printStackTrace(); + } + return url; + } + public static boolean isLocalFile(URL url) { if (url.getProtocol().equals("file") && diff --git a/tests/netx/unit/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmationTest.java b/tests/netx/unit/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmationTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmationTest.java +++ b/tests/netx/unit/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmationTest.java @@ -36,24 +36,4 @@ public class UnsignedAppletTrustConfirma assertEquals(toList("test .jar"), UnsignedAppletTrustConfirmation.toRelativePaths(toList("http://example.com/test .jar"), "http://example.com/")); } - - @Test - public void testNormalizeUrlAndStripParams() throws Exception { - /* Test that URL is normalized (encoded if not already encoded, leading whitespace trimmed, etc) */ - assertEquals("http://example.com/%20test%20test", - UnsignedAppletTrustConfirmation.normalizeUrlAndStripParams(new URL("http://example.com/ test%20test ")).toString()); - /* Test that a URL without '?' is left unchanged */ - assertEquals("http://example.com/test", - UnsignedAppletTrustConfirmation.normalizeUrlAndStripParams(new URL("http://example.com/test")).toString()); - /* Test that parts of a URL that come after '?' are stripped */ - assertEquals("http://example.com/test", - UnsignedAppletTrustConfirmation.normalizeUrlAndStripParams(new URL("http://example.com/test?test=test")).toString()); - /* Test that everything after the first '?' is stripped */ - assertEquals("http://example.com/test", - UnsignedAppletTrustConfirmation.normalizeUrlAndStripParams(new URL("http://example.com/test?http://example.com/?test")).toString()); - - /* Test normalization + stripping */ - assertEquals("http://example.com/%20test%20test", - UnsignedAppletTrustConfirmation.normalizeUrlAndStripParams(new URL("http://www.example.com/ test%20test ?test=test")).toString()); - } } \ No newline at end of file diff --git a/tests/netx/unit/net/sourceforge/jnlp/util/UrlUtilsTest.java b/tests/netx/unit/net/sourceforge/jnlp/util/UrlUtilsTest.java new file mode 100644 --- /dev/null +++ b/tests/netx/unit/net/sourceforge/jnlp/util/UrlUtilsTest.java @@ -0,0 +1,30 @@ +package net.sourceforge.jnlp.util; + +import static org.junit.Assert.*; + +import java.net.URL; + +import org.junit.Test; + +public class UrlUtilsTest { + + @Test + public void testNormalizeUrlAndStripParams() throws Exception { + /* Test that URL is normalized (encoded if not already encoded, leading whitespace trimmed, etc) */ + assertEquals("http://example.com/%20test%20test", + UrlUtils.normalizeUrlAndStripParams(new URL("http://example.com/ test%20test ")).toString()); + /* Test that a URL without '?' is left unchanged */ + assertEquals("http://example.com/test", + UrlUtils.normalizeUrlAndStripParams(new URL("http://example.com/test")).toString()); + /* Test that parts of a URL that come after '?' are stripped */ + assertEquals("http://example.com/test", + UrlUtils.normalizeUrlAndStripParams(new URL("http://example.com/test?test=test")).toString()); + /* Test that everything after the first '?' is stripped */ + assertEquals("http://example.com/test", + UrlUtils.normalizeUrlAndStripParams(new URL("http://example.com/test?http://example.com/?test")).toString()); + + /* Test normalization + stripping */ + assertEquals("http://example.com/%20test%20test", + UrlUtils.normalizeUrlAndStripParams(new URL("http://example.com/ test%20test ?test=test")).toString()); + } +}