diff options
author | Greg Wilkins | 2016-02-03 13:26:58 +0000 |
---|---|---|
committer | Greg Wilkins | 2016-02-03 13:28:08 +0000 |
commit | f2e71a2ddedd7938b9a0554a989d3c9cd69f4bed (patch) | |
tree | 1ee6f8c651f2ddc9e95550acde0aea75158ef43f | |
parent | 1b7045babd2926d5ae4fba03ea124d695533a28c (diff) | |
download | org.eclipse.jetty.project-f2e71a2ddedd7938b9a0554a989d3c9cd69f4bed.tar.gz org.eclipse.jetty.project-f2e71a2ddedd7938b9a0554a989d3c9cd69f4bed.tar.xz org.eclipse.jetty.project-f2e71a2ddedd7938b9a0554a989d3c9cd69f4bed.zip |
485306 - HttpParser (HttpURI) mistaking basic auth password as a port number
Added support for a password and a getUser() method
-rw-r--r-- | jetty-http/src/main/java/org/eclipse/jetty/http/HttpURI.java | 19 | ||||
-rw-r--r-- | jetty-http/src/test/java/org/eclipse/jetty/http/HttpURITest.java | 10 |
2 files changed, 28 insertions, 1 deletions
diff --git a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpURI.java b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpURI.java index 3062145dfc..fe3768bc24 100644 --- a/jetty-http/src/main/java/org/eclipse/jetty/http/HttpURI.java +++ b/jetty-http/src/main/java/org/eclipse/jetty/http/HttpURI.java @@ -333,6 +333,8 @@ public class HttpURI state=State.PORT; break; case '@': + if (_user!=null) + throw new IllegalArgumentException("Bad authority"); _user=uri.substring(mark,i); mark=i+1; break; @@ -371,7 +373,16 @@ public class HttpURI case PORT: { - if (c=='/') + if (c=='@') + { + if (_user!=null) + throw new IllegalArgumentException("Bad authority"); + // It wasn't a port, but a password! + _user=_host+":"+uri.substring(mark,i); + mark=i+1; + state=State.HOST; + } + else if (c=='/') { _port=TypeUtil.parseInt(uri,mark,i-mark,10); path_mark=mark=i; @@ -744,6 +755,12 @@ public class HttpURI return _host+":"+_port; return _host; } + + /* ------------------------------------------------------------ */ + public String getUser() + { + return _user; + } } diff --git a/jetty-http/src/test/java/org/eclipse/jetty/http/HttpURITest.java b/jetty-http/src/test/java/org/eclipse/jetty/http/HttpURITest.java index d308cde3b5..74c6feedde 100644 --- a/jetty-http/src/test/java/org/eclipse/jetty/http/HttpURITest.java +++ b/jetty-http/src/test/java/org/eclipse/jetty/http/HttpURITest.java @@ -22,6 +22,7 @@ package org.eclipse.jetty.http; import static org.junit.Assert.*; import java.io.UnsupportedEncodingException; +import java.net.URI; import java.net.URLDecoder; import java.net.URLEncoder; import java.nio.charset.StandardCharsets; @@ -193,4 +194,13 @@ public class HttpURITest assertEquals("http:/path/info",uri.toString()); } + + @Test + public void testBasicAuthCredentials() throws Exception + { + HttpURI uri = new HttpURI("http://user:password@example.com:8888/blah"); + assertEquals("http://user:password@example.com:8888/blah", uri.toString()); + assertEquals(uri.getAuthority(), "example.com:8888"); + assertEquals(uri.getUser(), "user:password"); + } } |