blob: cf08346d4fb553a0e8675276df7e644471f57533 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.jdisc.http.server.jetty;
import com.yahoo.container.logging.AccessLogEntry;
import org.testng.annotations.Test;
import javax.servlet.http.HttpServletRequest;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.not;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
/**
* @author bakksjo
*/
@SuppressWarnings("deprecation") // AccessLogEntry.setURI/getURI are deprecated
public class AccessLogRequestLogTest {
@Test
public void requireThatQueryWithUnquotedSpecialCharactersIsHandled() {
final HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
when(httpServletRequest.getRequestURI()).thenReturn("/search/");
when(httpServletRequest.getQueryString()).thenReturn("query=year:>2010");
final AccessLogEntry accessLogEntry = new AccessLogEntry();
AccessLogRequestLog.populateAccessLogEntryFromHttpServletRequest(httpServletRequest, accessLogEntry);
assertThat(accessLogEntry.getURI(), is(not(nullValue())));
}
@Test
public void requireThatDoubleQuotingIsNotPerformed() {
final HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
final String path = "/search/";
when(httpServletRequest.getRequestURI()).thenReturn(path);
final String query = "query=year%252010+%3B&customParameter=something";
when(httpServletRequest.getQueryString()).thenReturn(query);
final AccessLogEntry accessLogEntry = new AccessLogEntry();
AccessLogRequestLog.populateAccessLogEntryFromHttpServletRequest(httpServletRequest, accessLogEntry);
assertThat(accessLogEntry.getURI().toString(), is(path + '?' + query));
}
@Test
public void requireThatNoQueryPartIsHandledWhenRequestIsMalformed() {
final HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
final String path = "/s>earch/";
when(httpServletRequest.getRequestURI()).thenReturn(path);
final String query = null;
when(httpServletRequest.getQueryString()).thenReturn(query);
final AccessLogEntry accessLogEntry = new AccessLogEntry();
AccessLogRequestLog.populateAccessLogEntryFromHttpServletRequest(httpServletRequest, accessLogEntry);
assertThat(accessLogEntry.getURI().toString(), is("/s%3Eearch/"));
}
@Test
public void invalid_percent_escape_patterns_in_query_string_are_escaped() {
HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
when(httpServletRequest.getRequestURI()).thenReturn("/search/");
when(httpServletRequest.getQueryString()).thenReturn("q=%%2");
AccessLogEntry accessLogEntry = new AccessLogEntry();
AccessLogRequestLog.populateAccessLogEntryFromHttpServletRequest(httpServletRequest, accessLogEntry);
assertThat(accessLogEntry.getURI().toString(), is("/search/?q=%25%252"));
}
}
|