Explicitly allow only absolute URIs with host in UriPattern.match

author: Jon Marius Venstad <venstad@gmail.com> 2020-12-23 12:19:27 +0100
committer: Jon Marius Venstad <venstad@gmail.com> 2020-12-23 12:19:27 +0100
commit: 5ab90389adb834cfeec7892f813e2c4ecc60b6ba (patch)
tree: 62b06f690531950fb144aedbd953cd8659b5dce2 /jdisc_core
parent: 226bde2160e0f6ad791d97fe3e6ac284b6821a6c (diff)
1 files changed, 8 insertions, 7 deletions
diff --git a/jdisc_core/src/main/java/com/yahoo/jdisc/application/UriPattern.java b/jdisc_core/src/main/java/com/yahoo/jdisc/application/UriPattern.java
index 53d276b3fb6..642fd062b94 100644
--- a/jdisc_core/src/main/java/com/yahoo/jdisc/application/UriPattern.java
+++ b/jdisc_core/src/main/java/com/yahoo/jdisc/application/UriPattern.java
@@ -88,28 +88,29 @@ public class UriPattern implements Comparable<UriPattern> {
 
     /**
      * <p>Attempts to match the given {@link URI} to this pattern. Note that only the scheme, host, port, and path
-     * components of the URI are used. Any query or fragment part is simply ignored.</p>
+     * components of the URI are used, <em>and these must all be defined</em>. Only <em>absolute</em> URIs are supported.
+     * Any user info, query or fragment part is ignored.</p>
      *
      * @param uri The URI to match.
      * @return A {@link Match} object describing the match found, or null if not found.
      */
     public Match match(URI uri) {
+        if ( ! uri.isAbsolute() || uri.getHost() == null) // URI must have scheme, host and absolute (or empty) path.
+            return null;
+
         // Performance optimization: match in order of increasing cost and decreasing discriminating power.
         if (port > 0 && port != uri.getPort())
             return null;
 
-        String uriPath = nonNullOrBlank(uri.getRawPath());
-        GlobPattern.Match pathMatch = path.match(uriPath, uriPath.startsWith("/") ? 1 : 0);
+        GlobPattern.Match pathMatch = path.match(uri.getRawPath(), uri.getRawPath().isEmpty() ? 0 : 1); // Strip leading '/'.
         if (pathMatch == null)
             return null;
 
-        GlobPattern.Match hostMatch = uri.getHost() == null ? null
-                                                            : host.match(uri.getHost());
+        GlobPattern.Match hostMatch = host.match(uri.getHost());
         if (hostMatch == null)
             return null;
 
-        GlobPattern.Match schemeMatch = uri.getScheme() == null ? null
-                                                                : scheme.match(normalizeScheme(uri.getScheme()));
+        GlobPattern.Match schemeMatch = scheme.match(normalizeScheme(uri.getScheme()));
         if (schemeMatch == null)
             return null;
author	Jon Marius Venstad <venstad@gmail.com>	2020-12-23 12:19:27 +0100
committer	Jon Marius Venstad <venstad@gmail.com>	2020-12-23 12:19:27 +0100
commit	5ab90389adb834cfeec7892f813e2c4ecc60b6ba (patch)
tree	62b06f690531950fb144aedbd953cd8659b5dce2 /jdisc_core
parent	226bde2160e0f6ad791d97fe3e6ac284b6821a6c (diff)