Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/connector/ConnectorServlet.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/connector/ConnectorServlet.java (revision 1385)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/connector/ConnectorServlet.java (revision 1386)
@@ -20,4 +20,9 @@
*/
package net.fckeditor.connector;
+
+import static net.fckeditor.tool.Utils.forceSingleExtension;
+import static net.fckeditor.tool.Utils.isEmpty;
+import static net.fckeditor.tool.Utils.isValidPath;
+import static net.fckeditor.tool.Utils.replaceAll;
import java.io.File;
@@ -26,8 +31,5 @@
import java.io.PrintWriter;
import java.io.StringWriter;
-import java.util.HashMap;
-import java.util.Iterator;
import java.util.List;
-import java.util.Map;
import javax.servlet.ServletException;
@@ -44,8 +46,10 @@
import net.fckeditor.ConfigurationHandler;
-import net.fckeditor.tool.Utils;
+import net.fckeditor.ExtensionsHandler;
+import net.fckeditor.tool.UploadResponse;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileItemFactory;
+import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
@@ -62,9 +66,10 @@
* Servlet to upload and browse files.
*
- * This servlet accepts 4 commands used to retrieve and create files and folders from a server directory. The allowed
- * commands are:
+ * This servlet accepts 4 commands used to retrieve and create files and folders
+ * from a server directory. The allowed commands are:
*
* - GetFolders: Retrive the list of directory under the current folder
- *
- GetFoldersAndFiles: Retrive the list of files and directory under the current folder
+ *
- GetFoldersAndFiles: Retrive the list of files and directory under the
+ * current folder
*
- CreateFolder: Create a new directory under the current folder
*
- FileUpload: Send a new file to the server (must be sent with a POST)
@@ -75,245 +80,286 @@
public class ConnectorServlet extends HttpServlet {
- private static final long serialVersionUID = -5742008970929377161L;
- private static final Logger logger = LoggerFactory.getLogger(ConnectorServlet.class);
-
-
- /**
- * Initialize the servlet.
- * Retrieve from the servlet configuration the "baseDir" which is the root of the file repository.
- */
- public void init() throws ServletException {
- if (getInitParameter("baseDir") != null)
- ConfigurationHandler.setBaseDir(getInitParameter("baseDir"));
- String realBaseDir = getServletContext().getRealPath(ConfigurationHandler.getBaseDir());
- File baseFile = new File(realBaseDir);
- if (!baseFile.exists()) {
- baseFile.mkdirs();
- }
- logger.info("*** Connector Servlet initialized successfull!");
- }
-
- /**
- * Manage the Get requests (GetFolders, GetFoldersAndFiles, CreateFolder).
- *
- * The servlet accepts commands sent in the following format:
- * connector?Command=CommandName&Type=ResourceType&CurrentFolder=FolderPath
- *
- * It execute the command and then return the results to the client in XML format.
- *
- */
- public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- logger.debug("Entered #doGet.");
-
- response.setCharacterEncoding("UTF-8");
- response.setContentType("application/xml; charset=UTF-8");
- response.setHeader("Cache-Control", "no-cache");
- PrintWriter out = response.getWriter();
-
- String commandStr = request.getParameter("Command");
- String typeStr = request.getParameter("Type");
- String currentFolderStr = request.getParameter("CurrentFolder");
- boolean validPath = Utils.isValidPath(currentFolderStr);
- // TODO untersuchen wie es vom Res Browser kommt
- String currentPath = constructTypeBasedFolderString(typeStr, currentFolderStr);
- String currentDirPath = getServletContext().getRealPath(currentPath);
-
- File currentDir = new File(currentDirPath);
- if (!currentDir.exists()) {
- currentDir.mkdirs();
- logger.debug("Dir successfull created: " + currentDirPath);
- }
-
- Document document = null;
- try {
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- DocumentBuilder builder = factory.newDocumentBuilder();
- document = builder.newDocument();
- } catch (ParserConfigurationException pce) {
- logger.error("Error while parsing DOM: " + pce.getLocalizedMessage(), pce);
- }
-
- Node root = CreateCommonXml(document, commandStr, typeStr, currentFolderStr, request.getContextPath()
- + currentPath);
- logger.debug("Command = " + commandStr);
-
- if (commandStr.equals("GetFolders")) {
- getFolders(currentDir, root, document);
- } else if (commandStr.equals("GetFoldersAndFiles")) {
- getFolders(currentDir, root, document);
- getFiles(currentDir, root, document);
- } else if (commandStr.equals("CreateFolder")) {
- String newFolderStr = request.getParameter("NewFolderName");
- File newFolder = new File(currentDir, newFolderStr);
- String retValue = "110";
-
- if (newFolder.exists()) {
- retValue = "101";
- } else {
+ private static final long serialVersionUID = -5742008970929377161L;
+ private static final Logger logger = LoggerFactory
+ .getLogger(ConnectorServlet.class);
+
+ /**
+ * Initialize the servlet.
+ * Retrieve from the servlet configuration the "baseDir" which is the root
+ * of the file repository.
+ */
+ public void init() throws ServletException {
+ if (getInitParameter("baseDir") != null)
+ ConfigurationHandler.setBaseDir(getInitParameter("baseDir"));
+ String realBaseDir = getServletContext().getRealPath(
+ ConfigurationHandler.getBaseDir());
+ File baseFile = new File(realBaseDir);
+ if (!baseFile.exists()) {
+ baseFile.mkdirs();
+ }
+ logger.info("*** Connector Servlet initialized successfull!");
+ }
+
+ /**
+ * Manage the Get requests (GetFolders, GetFoldersAndFiles, CreateFolder).
+ *
+ * The servlet accepts commands sent in the following format:
+ * connector?Command=CommandName&Type=ResourceType&CurrentFolder=FolderPath
+ *
+ * It execute the command and then return the results to the client in XML
+ * format.
+ *
+ */
+ public void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ logger.debug("Entered #doGet.");
+
+ response.setCharacterEncoding("UTF-8");
+ response.setContentType("application/xml; charset=UTF-8");
+ response.setHeader("Cache-Control", "no-cache");
+ PrintWriter out = response.getWriter();
+
+ String commandStr = request.getParameter("Command");
+ String typeStr = request.getParameter("Type");
+ String currentFolderStr = request.getParameter("CurrentFolder");
+ // boolean validPath = Utils.isValidPath(currentFolderStr);
+ // TODO untersuchen wie es vom Res Browser kommt
+ String currentPath = constructTypeBasedFolderString(typeStr,
+ currentFolderStr);
+ String currentDirPath = getServletContext().getRealPath(currentPath);
+
+ File currentDir = new File(currentDirPath);
+ if (!currentDir.exists()) {
+ currentDir.mkdirs();
+ logger.debug("Dir successfull created: " + currentDirPath);
+ }
+
+ Document document = null;
try {
- boolean dirCreated = newFolder.mkdir();
- if (dirCreated)
- retValue = "0";
- else
- retValue = "102";
- } catch (SecurityException sex) {
- retValue = "103";
- }
-
- }
- setCreateFolderResponse(retValue, root, document);
- }
-
- document.getDocumentElement().normalize();
- try {
- TransformerFactory tFactory = TransformerFactory.newInstance();
- Transformer transformer = tFactory.newTransformer();
-
- DOMSource source = new DOMSource(document);
-
- StreamResult result = new StreamResult(out);
- transformer.transform(source, result);
- /*
- * if (debug) { StreamResult dbgResult = new StreamResult(System.out); transformer.transform(source,
- * dbgResult); System.out.println(""); System.out.println("--- END DOGET ---"); }
- */
- } catch (Exception ex) {
- logger.error("Error while transforming DOM to HttpServletResponse: " + ex.getMessage(), ex);
- }
-
- out.flush();
- out.close();
- logger.debug("Successfull ended #doGet!");
- }
-
- /**
- * Manage the Post requests (FileUpload).
- *
- * The servlet accepts commands sent in the following format:
- * connector?Command=FileUpload&Type=ResourceType&CurrentFolder=FolderPath
- *
- * It store the file (renaming it in case a file with the same name exists) and then return an HTML file with a
- * javascript command in it.
- *
- */
- public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- logger.debug("Entered #doPost.");
-
- response.setCharacterEncoding("UTF-8");
- response.setContentType("text/html; charset=UTF-8");
- response.setHeader("Cache-Control", "no-cache");
- PrintWriter out = response.getWriter();
-
- String commandStr = request.getParameter("Command");
- String typeStr = request.getParameter("Type");
- String currentFolderStr = request.getParameter("CurrentFolder");
-
- String currentPath = constructTypeBasedFolderString(typeStr, currentFolderStr);
- String currentDirPath = getServletContext().getRealPath(currentPath);
- logger.debug("current path dir: " + currentDirPath);
-
- String retVal = "0";
- String newName = "";
-
- if (!commandStr.equals("FileUpload"))
- retVal = "203";
- else {
- FileItemFactory factory = new DiskFileItemFactory();
- ServletFileUpload upload = new ServletFileUpload(factory);
- try {
- List items = upload.parseRequest(request);
-
- Map fields = new HashMap();
-
- Iterator iter = items.iterator();
- while (iter.hasNext()) {
- FileItem item = (FileItem) iter.next();
- if (item.isFormField())
- fields.put(item.getFieldName(), item.getString());
- else
- fields.put(item.getFieldName(), item);
- }
- FileItem uplFile = (FileItem) fields.get("NewFile");
- String fileNameLong = uplFile.getName();
- fileNameLong = fileNameLong.replace('\\', '/');
- String[] pathParts = fileNameLong.split("/");
- String filename = pathParts[pathParts.length - 1];
-
- String baseName = FilenameUtils.getBaseName(filename);// Utils.getNameWithoutExtension(filename);
- String ext = FilenameUtils.getExtension(filename); // Utils.getExtension(fileName);
- File pathToSave = new File(currentDirPath, filename);
- int counter = 1;
- while (pathToSave.exists()) {
- newName = baseName + "(" + counter + ")" + "." + ext;
- retVal = "201";
- pathToSave = new File(currentDirPath, newName);
- counter++;
- }
- uplFile.write(pathToSave);
- } catch (Exception ex) {
- retVal = "203";
- }
-
- }
-
- out.println("");
- out.flush();
- out.close();
-
- logger.debug("Successfull ended #doPost.");
- }
-
- private void setCreateFolderResponse(String retValue, Node root, Document doc) {
- Element myEl = doc.createElement("Error");
- myEl.setAttribute("number", retValue);
- root.appendChild(myEl);
- }
-
- private void getFolders(File dir, Node root, Document doc) {
- Element folders = doc.createElement("Folders");
- root.appendChild(folders);
- File[] fileList = dir.listFiles((FileFilter) DirectoryFileFilter.DIRECTORY);
- for (File file : fileList) {
- Element myEl = doc.createElement("Folder");
- myEl.setAttribute("name", file.getName());
- folders.appendChild(myEl);
- }
- }
-
- private void getFiles(File dir, Node root, Document doc) {
- Element files = doc.createElement("Files");
- root.appendChild(files);
- File[] fileList = dir.listFiles((FileFilter) FileFileFilter.FILE);
-
- for (File file : fileList) {
- Element myEl = doc.createElement("File");
- myEl.setAttribute("name", file.getName());
- myEl.setAttribute("size", String.valueOf(file.length() / 1024));
- files.appendChild(myEl);
- }
- }
-
- private Node CreateCommonXml(Document doc, String commandStr, String typeStr, String currentPath, String currentUrl) {
- Element root = doc.createElement("Connector");
- doc.appendChild(root);
- root.setAttribute("command", commandStr);
- root.setAttribute("resourceType", typeStr);
-
- Element myEl = doc.createElement("CurrentFolder");
- myEl.setAttribute("path", currentPath);
- myEl.setAttribute("url", currentUrl);
- root.appendChild(myEl);
-
- return root;
- }
-
- private String constructTypeBasedFolderString(final String fileType, final String currentFolderString) {
- StringWriter retval = new StringWriter();
- retval.append(ConfigurationHandler.getBaseDir());
- retval.append(ConfigurationHandler.getSubDirForType(fileType));
- retval.append(currentFolderString);
- return Utils.replaceAll(retval.toString(), "//", "/");
- }
+ DocumentBuilderFactory factory = DocumentBuilderFactory
+ .newInstance();
+ DocumentBuilder builder = factory.newDocumentBuilder();
+ document = builder.newDocument();
+ } catch (ParserConfigurationException pce) {
+ logger.error("Error while parsing DOM: "
+ + pce.getLocalizedMessage(), pce);
+ }
+
+ Node root = createCommonXml(document, commandStr, typeStr,
+ currentFolderStr, request.getContextPath() + currentPath);
+ logger.debug("Command = " + commandStr);
+
+ if (commandStr.equals("GetFolders")) {
+ getFolders(currentDir, root, document);
+ } else if (commandStr.equals("GetFoldersAndFiles")) {
+ getFolders(currentDir, root, document);
+ getFiles(currentDir, root, document);
+ } else if (commandStr.equals("CreateFolder")) {
+ String newFolderStr = request.getParameter("NewFolderName");
+ File newFolder = new File(currentDir, newFolderStr);
+ String retValue = "110";
+
+ if (newFolder.exists()) {
+ retValue = "101";
+ } else {
+ try {
+ boolean dirCreated = newFolder.mkdir();
+ if (dirCreated)
+ retValue = "0";
+ else
+ retValue = "102";
+ } catch (SecurityException sex) {
+ retValue = "103";
+ }
+
+ }
+ setCreateFolderResponse(retValue, root, document);
+ }
+
+ document.getDocumentElement().normalize();
+ try {
+ TransformerFactory tFactory = TransformerFactory.newInstance();
+ Transformer transformer = tFactory.newTransformer();
+
+ DOMSource source = new DOMSource(document);
+
+ StreamResult result = new StreamResult(out);
+ transformer.transform(source, result);
+ /*
+ * if (debug) { StreamResult dbgResult = new
+ * StreamResult(System.out); transformer.transform(source,
+ * dbgResult); System.out.println(""); System.out.println("--- END
+ * DOGET ---"); }
+ */
+ } catch (Exception ex) {
+ logger.error(
+ "Error while transforming DOM to HttpServletResponse: "
+ + ex.getMessage(), ex);
+ }
+
+ out.flush();
+ out.close();
+ logger.debug("Successfull ended #doGet!");
+ }
+
+ /**
+ * Manage the Post requests (FileUpload).
+ *
+ * The servlet accepts commands sent in the following format:
+ * connector?Command=FileUpload&Type=ResourceType&CurrentFolder=FolderPath
+ *
+ * It store the file (renaming it in case a file with the same name exists)
+ * and then return an HTML file with a javascript command in it.
+ *
+ */
+ public void doPost(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ logger.debug("Entering #doPost");
+
+ response.setCharacterEncoding("UTF-8");
+ response.setContentType("text/html; charset=UTF-8");
+ response.setHeader("Cache-Control", "no-cache");
+ PrintWriter out = response.getWriter();
+
+ String commandStr = request.getParameter("Command");
+ String typeStr = request.getParameter("Type");
+ String currentFolderStr = request.getParameter("CurrentFolder");
+
+ if (isEmpty(commandStr) && isEmpty(currentFolderStr)) {
+ commandStr = "QuickUpload";
+ currentFolderStr = "/";
+ }
+
+ UploadResponse ur = null;
+
+ String currentPath = constructTypeBasedFolderString(typeStr,
+ currentFolderStr);
+ String currentDirPath = getServletContext().getRealPath(currentPath);
+
+ if (!commandStr.equals("FileUpload")
+ || !commandStr.equals("QuickUpload"))
+ ur = UploadResponse.UR_SECURITY_ERROR;
+ else if (!isValidPath(currentFolderStr)
+ || !(new File(currentDirPath).exists())) {
+ ur = new UploadResponse(UploadResponse.EN_ERROR);
+ ur.setCustomMessage("The current folder path is invalid");
+ } else {
+
+ // logger.debug("current path dir: " + currentDirPath);
+
+ String newFilename = "";
+ FileItemFactory factory = new DiskFileItemFactory();
+ ServletFileUpload upload = new ServletFileUpload(factory);
+ try {
+ List items = (List) upload
+ .parseRequest(request);
+
+ // We upload only one file at the same time
+ FileItem uplFile = items.get(0);
+ String filename = FilenameUtils.getName(uplFile.getName());
+ String baseName = FilenameUtils.removeExtension(filename);
+ String extension = FilenameUtils.getExtension(filename);
+
+ boolean validExtension = ExtensionsHandler.isAllowed(typeStr,
+ extension);
+
+ if (!validExtension)
+ ur = UploadResponse.UR_INVALID_EXTENSION;
+ else {
+
+ // TODO check if forceSingleExtension is enabled
+ if (false) {
+ filename = forceSingleExtension(filename);
+ baseName = FilenameUtils.removeExtension(filename);
+ }
+
+ File pathToSave = new File(currentDirPath, filename);
+ int counter = 1;
+ while (pathToSave.exists()) {
+ newFilename = baseName + "(" + counter + ")" + "."
+ + extension;
+ pathToSave = new File(currentDirPath, newFilename);
+ counter++;
+ }
+
+ uplFile.write(pathToSave);
+ if (newFilename.equals(filename))
+ ur = UploadResponse.UR_OK;
+ else {
+ ur = new UploadResponse(UploadResponse.EN_RENAMED);
+ ur.setFilename(newFilename);
+ }
+ }
+ } catch (FileUploadException ex) {
+ ur = new UploadResponse(UploadResponse.EN_ERROR);
+ ur
+ .setCustomMessage("Your request could not be parsed successfully");
+ } catch (Exception e) {
+ ur = UploadResponse.UR_SECURITY_ERROR;
+ }
+
+ }
+ out.println(ur);
+ out.flush();
+ out.close();
+
+ logger.debug("Exiting #doPost");
+ }
+
+ private void setCreateFolderResponse(String retValue, Node root,
+ Document doc) {
+ Element myEl = doc.createElement("Error");
+ myEl.setAttribute("number", retValue);
+ root.appendChild(myEl);
+ }
+
+ private void getFolders(File dir, Node root, Document doc) {
+ Element folders = doc.createElement("Folders");
+ root.appendChild(folders);
+ File[] fileList = dir
+ .listFiles((FileFilter) DirectoryFileFilter.DIRECTORY);
+ for (File file : fileList) {
+ Element myEl = doc.createElement("Folder");
+ myEl.setAttribute("name", file.getName());
+ folders.appendChild(myEl);
+ }
+ }
+
+ private void getFiles(File dir, Node root, Document doc) {
+ Element files = doc.createElement("Files");
+ root.appendChild(files);
+ File[] fileList = dir.listFiles((FileFilter) FileFileFilter.FILE);
+
+ for (File file : fileList) {
+ Element myEl = doc.createElement("File");
+ myEl.setAttribute("name", file.getName());
+ myEl.setAttribute("size", String.valueOf(file.length() / 1024));
+ files.appendChild(myEl);
+ }
+ }
+
+ private Node createCommonXml(Document doc, String commandStr,
+ String typeStr, String currentPath, String currentUrl) {
+ Element root = doc.createElement("Connector");
+ doc.appendChild(root);
+ root.setAttribute("command", commandStr);
+ root.setAttribute("resourceType", typeStr);
+
+ Element myEl = doc.createElement("CurrentFolder");
+ myEl.setAttribute("path", currentPath);
+ myEl.setAttribute("url", currentUrl);
+ root.appendChild(myEl);
+
+ return root;
+ }
+
+ private String constructTypeBasedFolderString(final String fileType,
+ final String currentFolderString) {
+ StringWriter retval = new StringWriter();
+ retval.append(ConfigurationHandler.getBaseDir());
+ retval.append(ConfigurationHandler.getSubDirForType(fileType));
+ retval.append(currentFolderString);
+ return replaceAll(retval.toString(), "//", "/");
+ }
+
}
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/UploadResponse.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/UploadResponse.java (revision 1386)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/UploadResponse.java (revision 1386)
@@ -0,0 +1,99 @@
+package net.fckeditor.tool;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+public class UploadResponse {
+
+ private Map parameters;
+ public static final int EN_OK = 0;
+ public static final int EN_ERROR = 1;
+ public static final int EN_WARNING = 101;
+ public static final int EN_RENAMED = 201;
+ public static final int EN_INVALID_EXTENSION = 202;
+ public static final int EN_SECURITY_ERROR = 203;
+ public static final int EN_GENERIC_NUMBER = -1;
+
+ public static final UploadResponse UR_OK = new UploadResponse(EN_OK);
+ public static final UploadResponse UR_INVALID_EXTENSION = new UploadResponse(EN_INVALID_EXTENSION);
+ public static final UploadResponse UR_SECURITY_ERROR = new UploadResponse(EN_SECURITY_ERROR);
+ public static final UploadResponse UR_GENERIC_NUMBER = new UploadResponse(EN_GENERIC_NUMBER);
+
+ public UploadResponse(int errorNumber, String fileUrl, String filename,
+ String customMessage) {
+ parameters = new LinkedHashMap(4);
+ parameters.put("errorNumber", String.valueOf(errorNumber));
+ parameters.put("fileUrl", fileUrl);
+ parameters.put("fileyname", filename);
+ parameters.put("customMessage", customMessage);
+ }
+
+ public UploadResponse(int errorNumber) {
+ parameters = new LinkedHashMap(1);
+ parameters.put("errorNumber", String.valueOf(errorNumber));
+ }
+
+ /**
+ *
+ * @param filename
+ */
+ public void setFilename(String filename) {
+ if (parameters.size() == 1)
+ parameters.put("fileUrl", null);
+ parameters.put("filename", filename);
+ }
+
+ public void setCustomMessage(String customMassage) {
+ if (parameters.size() == 1) {
+ parameters.put("fileUrl", null);
+ parameters.put("filename", null);
+ }
+ parameters.put("customMessage", customMassage);
+ }
+
+ public void setErrorNumber(int errorNumber) {
+ parameters.put("errorNumber", String.valueOf(errorNumber));
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder(75);
+ sb.append("");
+
+ return sb.toString();
+ }
+
+ public static void main(String[] args) {
+
+ UploadResponse ur = new UploadResponse(101);
+ //ur.setCustomMessage("shit happens");
+ //ur.setFilename("hacked.php");
+ ur.setCustomMessage("nothing happens");
+ System.out.println(ur);
+ }
+}
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/Utils.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/Utils.java (revision 1385)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/Utils.java (revision 1386)
@@ -120,12 +120,7 @@
}
- // TODO code isn't very beautiful, is there a better way besides looping through the filename?
public static String forceSingleExtension (final String filename) {
-
- int lastDotPosition = filename.lastIndexOf(".");
- StringBuffer sb = new StringBuffer(filename.replaceAll("\\.", "_"));
- sb.setCharAt(lastDotPosition, '.');
-
- return sb.toString();
+
+ return filename.replaceAll("\\.(?![^.]+$)", "_");
}
@@ -148,4 +143,9 @@
return false;
+ if (path.contains("/..") || path.contains("../"))
+ return false;
+ if (path.contains("./") || path.contains("/."))
+ return false;
+
return true;
}
Index: /FCKeditor.Java/branches/2.4/src/test/java/net/fckeditor/tool/UtilsTest.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/test/java/net/fckeditor/tool/UtilsTest.java (revision 1385)
+++ /FCKeditor.Java/branches/2.4/src/test/java/net/fckeditor/tool/UtilsTest.java (revision 1386)
@@ -27,4 +27,5 @@
import java.util.Set;
+import org.junit.Ignore;
import org.junit.Test;
@@ -86,110 +87,105 @@
assertEquals(str, "faa");
}
-
+
@Test
- public void isSingleExtension01 () {
+ public void isSingleExtension01() {
boolean condition = Utils.isSingleExtension("hacked.txt");
assertTrue(condition);
}
-
+
@Test
- public void isSingleExtension02 () {
+ public void isSingleExtension02() {
boolean condition = Utils.isSingleExtension("hacked.php_txt");
assertTrue(condition);
}
-
+
@Test
- public void isSingleExtension03 () {
+ public void isSingleExtension03() {
boolean condition = !Utils.isSingleExtension("hacked.php.txt");
assertTrue(condition);
}
-
+
@Test
- public void isSingleExtension04 () {
+ public void isSingleExtension04() {
boolean condition = !Utils.isSingleExtension("hacked.txt.");
assertTrue(condition);
}
-
+
@Test
- public void isSingleExtension05 () {
+ public void isSingleExtension05() {
boolean condition = !Utils.isSingleExtension("hacked..txt");
assertTrue(condition);
}
-
+
@Test
- public void forceSingleExtension01 () {
+ public void forceSingleExtension01() {
String actual = Utils.forceSingleExtension("hacked.txt");
assertEquals("hacked.txt", actual);
}
-
+
@Test
- public void forceSingleExtension02 () {
+ public void forceSingleExtension02() {
String actual = Utils.forceSingleExtension("hacked.php_txt");
assertEquals("hacked.php_txt", actual);
}
-
+
@Test
- public void forceSingleExtension03 () {
+ public void forceSingleExtension03() {
String actual = Utils.forceSingleExtension("hacked.php.txt");
assertEquals("hacked_php.txt", actual);
}
-
+
@Test
- public void forceSingleExtension04 () {
- String actual = Utils.forceSingleExtension("hacked.txt.");
- assertEquals("hacked_txt.", actual);
- }
-
- @Test
- public void forceSingleExtension05 () {
+ public void forceSingleExtension04() {
String actual = Utils.forceSingleExtension("hacked..txt");
assertEquals("hacked_.txt", actual);
}
-
+
@Test
- public void isValidPath01 () {
+ public void isValidPath01() {
String path = "";
boolean condition = !Utils.isValidPath(path);
assertTrue(condition);
}
+
@Test
- public void isValidPath02 () {
+ public void isValidPath02() {
String path = "/";
boolean condition = Utils.isValidPath(path);
assertTrue(condition);
}
-
+
@Test
- public void isValidPath03 () {
+ public void isValidPath03() {
String path = "/./";
- boolean condition = Utils.isValidPath(path);
+ boolean condition = !Utils.isValidPath(path);
assertTrue(condition);
}
-
+
@Test
- public void isValidPath04 () {
+ public void isValidPath04() {
String path = "/newf/..";
- boolean condition = Utils.isValidPath(path);
+ boolean condition = !Utils.isValidPath(path);
assertTrue(condition);
}
-
+
@Test
- public void isValidPath05 () {
+ public void isValidPath05() {
String path = "/../";
boolean condition = !Utils.isValidPath(path);
assertTrue(condition);
}
-
+
@Test
- public void isValidPath06 () {
+ public void isValidPath06() {
String path = "/stuff/../..";
boolean condition = !Utils.isValidPath(path);
assertTrue(condition);
}
-
+
@Test
- public void isValidPath07 () {
+ public void isValidPath07() {
String path = "/my/stuff/..";
- boolean condition = Utils.isValidPath(path);
+ boolean condition = !Utils.isValidPath(path);
assertTrue(condition);
}
Index: /FCKeditor.Java/branches/2.4/src/test/resources/log4j.properties
===================================================================
--- /FCKeditor.Java/branches/2.4/src/test/resources/log4j.properties (revision 1385)
+++ /FCKeditor.Java/branches/2.4/src/test/resources/log4j.properties (revision 1386)
@@ -1,3 +1,3 @@
-log4j.rootLogger=INFO, SOCKET
+log4j.rootLogger=DEBUG, SOCKET
log4j.appender.FILE=org.apache.log4j.DailyRollingFileAppender
log4j.appender.FILE.layout=org.apache.log4j.PatternLayout