8029354: URLPermission.<init> throws llegalArgumentException: Invalid characters in hostname
Reviewed-by: alanb, chegar
--- a/jdk/src/share/classes/java/net/URLPermission.java Sun Jan 05 21:02:57 2014 -0800
+++ b/jdk/src/share/classes/java/net/URLPermission.java Mon Jan 06 11:00:12 2014 +0000
@@ -47,7 +47,7 @@
* class.
* <i>authority</i> is specified as:
* <pre>
- * authority = hostrange [ : portrange ]
+ * authority = [ userinfo @ ] hostrange [ : portrange ]
* portrange = portnumber | -portnumber | portnumber-[portnumber] | *
* hostrange = ([*.] dnsname) | IPv4address | IPv6address
* </pre>
@@ -65,6 +65,9 @@
* (default 443). No default is assumed for other schemes. A wildcard may be specified
* which means all ports.
* <p>
+ * <i>userinfo</i> is optional. A userinfo component if present, is ignored when
+ * creating a URLPermission, and has no effect on any other methods defined by this class.
+ * <p>
* The <i>path</i> component comprises a sequence of path segments,
* separated by '/' characters. <i>path</i> may also be empty. The path is specified
* in a similar way to the path in {@link java.io.FilePermission}. There are
@@ -473,7 +476,12 @@
HostPortrange p;
Authority(String scheme, String authority) {
- p = new HostPortrange(scheme, authority);
+ int at = authority.indexOf('@');
+ if (at == -1) {
+ p = new HostPortrange(scheme, authority);
+ } else {
+ p = new HostPortrange(scheme, authority.substring(at+1));
+ }
}
boolean implies(Authority other) {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/net/URLPermission/OpenURL.java Mon Jan 06 11:00:12 2014 +0000
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8029354
+ * @run main/othervm OpenURL
+ */
+
+import java.net.*;
+import java.io.*;
+
+public class OpenURL {
+
+ public static void main (String[] args) throws Exception {
+
+ System.setSecurityManager(new SecurityManager());
+
+ try {
+ URL url = new URL ("http://joe@127.0.0.1/a/b");
+ HttpURLConnection urlc = (HttpURLConnection)url.openConnection();
+ InputStream is = urlc.getInputStream();
+ // error will throw exception other than SecurityException
+ } catch (SecurityException e) {
+ System.out.println("OK");
+ }
+ }
+}
--- a/jdk/test/java/net/URLPermission/URLPermissionTest.java Sun Jan 05 21:02:57 2014 -0800
+++ b/jdk/test/java/net/URLPermission/URLPermissionTest.java Mon Jan 06 11:00:12 2014 +0000
@@ -26,7 +26,7 @@
/**
* @test
- * @bug 8010464 8027570 8027687
+ * @bug 8010464 8027570 8027687 8029354
*/
public class URLPermissionTest {
@@ -37,7 +37,30 @@
abstract boolean execute();
};
+ // Instantiation: should succeed
+ static class CreateTest extends Test {
+ String arg;
+ CreateTest(String arg) {
+ this.arg = arg;
+ }
+
+ @Override
+ boolean execute() {
+ try {
+ URLPermission p = new URLPermission(arg);
+ return true;
+ } catch (Exception e) {
+ return false;
+ }
+ }
+ };
+
+ static CreateTest createtest(String arg) {
+ return new CreateTest(arg);
+ }
+
// Should throw an IAE on construction
+
static class ExTest extends Test {
String arg;
ExTest(String arg) {
@@ -262,6 +285,7 @@
imtest("https://www.foo.com/a/b", "https://www.foo.com:443/a/b", true),
imtest("https://www.foo.com:200-500/a/b", "https://www.foo.com/a/b", true),
imtest("http://www.foo.com:*/a/b", "http://www.foo.com:1-12345/a/b", true),
+ imtest("http://host/a/b", "http://HOST/a/b", true),
// misc
imtest("https:*", "http://www.foo.com", false),
@@ -297,6 +321,16 @@
eqtest("http://www.foo.com/a/b", "http://www.foo.com:82/a/b", false),
eqtest("https://www.foo.com/a/b", "https://www.foo.com:443/a/b", true),
eqtest("https://www.foo.com/a/b", "https://www.foo.com:444/a/b", false),
+ eqtest("http://michael@foo.com/bar","http://michael@foo.com/bar", true),
+ eqtest("http://Michael@foo.com/bar","http://michael@goo.com/bar",false),
+ eqtest("http://michael@foo.com/bar","http://george@foo.com/bar", true),
+ eqtest("http://@foo.com/bar","http://foo.com/bar", true)
+ };
+
+ static Test[] createTests = {
+ createtest("http://user@foo.com/a/b/c"),
+ createtest("http://user:pass@foo.com/a/b/c"),
+ createtest("http://user:@foo.com/a/b/c")
};
static boolean failed = false;
@@ -386,6 +420,17 @@
}
}
+ for (int i=0; i<createTests.length; i++) {
+ CreateTest test = (CreateTest)createTests[i];
+ boolean result = test.execute();
+ if (!result) {
+ System.out.println ("test failed: " + test.arg);
+ failed = true;
+ } else {
+ System.out.println ("create test " + i + " OK");
+ }
+ }
+
for (int i=0; i<actionImplies.length ; i++) {
ActionImpliesTest test = (ActionImpliesTest)actionImplies[i];
Exception caught = null;