View Javadoc

1   package com.atlassian.core.filters;
2   
3   import com.mockobjects.constraint.IsEqual;
4   import com.mockobjects.constraint.IsNull;
5   import com.mockobjects.constraint.IsAnything;
6   import com.mockobjects.dynamic.FullConstraintMatcher;
7   import com.mockobjects.dynamic.Mock;
8   import com.mockobjects.servlet.MockHttpServletResponse;
9   import junit.framework.TestCase;
10  
11  import javax.servlet.http.Cookie;
12  import javax.servlet.http.HttpServletResponse;
13  
14  /**
15   * @since v4.2
16   */
17  public class TestHeaderSanitisingResponseWrapper extends TestCase
18  {
19      public void testCleanString() throws Exception
20      {
21          final MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
22          HeaderSanitisingResponseWrapper wrapper = new HeaderSanitisingResponseWrapper(mockHttpServletResponse);
23          assertEquals("This is a normal string", wrapper.cleanString("This is a normal string"));
24  
25          String badString = new String(new char[] { '\r', '\n', 'n', 'o', 'r', 'm', 'a', 'l' });
26          assertEquals("  normal", wrapper.cleanString(badString));
27  
28          badString          = "this is a normal string";
29          String replacement = "t!is!is!!!norm!l!strin!";
30          wrapper = new HeaderSanitisingResponseWrapper(mockHttpServletResponse, new char[] {' ', 'a', 'g', 'h'}, '!');
31          assertEquals(replacement, wrapper.cleanString(badString));
32  
33          assertNull(wrapper.cleanString(null));
34  
35          assertEquals("", wrapper.cleanString(""));
36      }
37  
38      public void testAddCookie() throws Exception
39      {
40          // only values are cleaned as name is immutable
41          final Cookie cookie         = new MyCookie("GOOD NAME", "BAD VALUE");
42          final Cookie expectedCookie = new MyCookie("GOOD NAME", "BAD.VALUE");
43  
44          Mock mockResponse = new Mock(HttpServletResponse.class);
45          mockResponse.expect("addCookie", new FullConstraintMatcher(new IsEqual(expectedCookie)));
46  
47          HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
48          wrapper.addCookie(cookie);
49  
50          mockResponse.verify();
51      }
52  
53      public void testAddCookieNull() throws Exception
54      {
55          Mock mockResponse = new Mock(HttpServletResponse.class);
56          mockResponse.expect("addCookie", new FullConstraintMatcher(new IsNull()));
57  
58          HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
59          wrapper.addCookie(null);
60  
61          mockResponse.verify();
62      }
63  
64      public void testSetContentType() throws Exception
65      {
66          // only values are cleaned as name is immutable
67          final String contentType         = "BAD VALUE";
68          final String expectedContentType = "BAD.VALUE";
69  
70          Mock mockResponse = new Mock(HttpServletResponse.class);
71          mockResponse.expect("setContentType", new FullConstraintMatcher(new IsEqual(expectedContentType)));
72  
73          HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
74          wrapper.setContentType(contentType);
75  
76          mockResponse.verify();
77      }
78  
79      public void testSetDateHeader() throws Exception
80      {
81          // only values are cleaned as name is immutable
82          final String dateHeader         = "BAD VALUE";
83          final String expectedDateHeader = "BAD.VALUE";
84  
85          Mock mockResponse = new Mock(HttpServletResponse.class);
86          mockResponse.expect("setDateHeader", new FullConstraintMatcher(new IsEqual(expectedDateHeader), new IsAnything()));
87  
88          HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
89          wrapper.setDateHeader(dateHeader, 1L);
90  
91          mockResponse.verify();
92      }
93  
94      public void testAddDateHeader() throws Exception
95      {
96          // only values are cleaned as name is immutable
97          final String dateHeader         = "BAD VALUE";
98          final String expectedDateHeader = "BAD.VALUE";
99  
100         Mock mockResponse = new Mock(HttpServletResponse.class);
101         mockResponse.expect("addDateHeader", new FullConstraintMatcher(new IsEqual(expectedDateHeader), new IsAnything()));
102 
103         HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
104         wrapper.addDateHeader(dateHeader, 1L);
105 
106         mockResponse.verify();
107     }
108 
109     public void testSetHeader() throws Exception
110     {
111         // only values are cleaned as name is immutable
112         final String headerName          = "BAD NAME";
113         final String expectedHeaderName  = "BAD.NAME";
114         final String headerValue         = "BAD VALUE";
115         final String expectedHeaderValue = "BAD.VALUE";
116 
117         Mock mockResponse = new Mock(HttpServletResponse.class);
118         mockResponse.expect("setHeader", new FullConstraintMatcher(new IsEqual(expectedHeaderName), new IsEqual(expectedHeaderValue)));
119 
120         HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
121         wrapper.setHeader(headerName, headerValue);
122 
123         mockResponse.verify();
124     }
125 
126     public void testAddHeader() throws Exception
127     {
128         // only values are cleaned as name is immutable
129         final String headerName          = "BAD NAME";
130         final String expectedHeaderName  = "BAD.NAME";
131         final String headerValue         = "BAD VALUE";
132         final String expectedHeaderValue = "BAD.VALUE";
133 
134         Mock mockResponse = new Mock(HttpServletResponse.class);
135         mockResponse.expect("addHeader", new FullConstraintMatcher(new IsEqual(expectedHeaderName), new IsEqual(expectedHeaderValue)));
136 
137         HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
138         wrapper.addHeader(headerName, headerValue);
139 
140         mockResponse.verify();
141     }
142 
143     public void testSetIntHeader() throws Exception
144     {
145         // only values are cleaned as name is immutable
146         final String intHeader         = "BAD VALUE";
147         final String expectedIntHeader = "BAD.VALUE";
148 
149         Mock mockResponse = new Mock(HttpServletResponse.class);
150         mockResponse.expect("setIntHeader", new FullConstraintMatcher(new IsEqual(expectedIntHeader), new IsAnything()));
151 
152         HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
153         wrapper.setIntHeader(intHeader, 1);
154 
155         mockResponse.verify();
156     }
157 
158     public void testAddIntHeader() throws Exception
159     {
160         // only values are cleaned as name is immutable
161         final String intHeader         = "BAD VALUE";
162         final String expectedIntHeader = "BAD.VALUE";
163 
164         Mock mockResponse = new Mock(HttpServletResponse.class);
165         mockResponse.expect("addIntHeader", new FullConstraintMatcher(new IsEqual(expectedIntHeader), new IsAnything()));
166 
167         HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
168         wrapper.addIntHeader(intHeader, 1);
169 
170         mockResponse.verify();
171     }
172 
173     public void testSendRedirect() throws Exception
174     {
175         // only values are cleaned as name is immutable
176         final String redirect         = "BAD VALUE";
177         final String expectedRedirect = "BAD.VALUE";
178 
179         Mock mockResponse = new Mock(HttpServletResponse.class);
180         mockResponse.expect("sendRedirect", new FullConstraintMatcher(new IsEqual(expectedRedirect)));
181 
182         HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
183         wrapper.sendRedirect(redirect);
184 
185         mockResponse.verify();
186     }
187 
188     public void testSendError() throws Exception
189     {
190         // only values are cleaned as name is immutable
191         final String message         = "BAD VALUE";
192         final String expectedMessage = "BAD.VALUE";
193 
194         Mock mockResponse = new Mock(HttpServletResponse.class);
195         mockResponse.expect("sendError", new FullConstraintMatcher(new IsAnything(), new IsEqual(expectedMessage)));
196 
197         HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
198         wrapper.sendError(500, message);
199 
200         mockResponse.verify();
201     }
202 
203     public void testSetStatus() throws Exception
204     {
205         // only values are cleaned as name is immutable
206         final String message         = "BAD VALUE";
207         final String expectedMessage = "BAD.VALUE";
208 
209         Mock mockResponse = new Mock(HttpServletResponse.class);
210         mockResponse.expect("setStatus", new FullConstraintMatcher(new IsAnything(), new IsEqual(expectedMessage)));
211 
212         HeaderSanitisingResponseWrapper wrapper = createWrapper(mockResponse);
213         wrapper.setStatus(500, message);
214 
215         mockResponse.verify();
216     }
217 
218     private HeaderSanitisingResponseWrapper createWrapper(final Mock mockResponse)
219     {
220         return new HeaderSanitisingResponseWrapper((HttpServletResponse) mockResponse.proxy(), new char[] {' '}, '.');
221     }
222 
223     /**
224      * Test cookie that actually implements {@link #equals(Object)}.
225      */
226     private static class MyCookie extends Cookie
227     {
228         private String name;
229         private String value;
230 
231         public MyCookie(String s, String s1)
232         {
233             super(s, s1);
234             this.name = s;
235             this.value = s1;
236         }
237 
238         public void setValue(final String s)
239         {
240             this.value = s;
241             super.setValue(s);
242         }
243 
244         public boolean equals(final Object o)
245         {
246             if (this == o)
247             {
248                 return true;
249             }
250             if (o == null || getClass() != o.getClass())
251             {
252                 return false;
253             }
254 
255             final MyCookie myCookie = (MyCookie) o;
256 
257             if (name != null ? !name.equals(myCookie.name) : myCookie.name != null)
258             {
259                 return false;
260             }
261             if (value != null ? !value.equals(myCookie.value) : myCookie.value != null)
262             {
263                 return false;
264             }
265 
266             return true;
267         }
268 
269         public int hashCode()
270         {
271             int result = name != null ? name.hashCode() : 0;
272             result = 31 * result + (value != null ? value.hashCode() : 0);
273             return result;
274         }
275     }
276 }