GitHub-Spring
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Resolve absolute resource links in ResourceTransformers 

This commit adapts the fix for SPR-14597 commited to spring-webmvc to
the spring-web-reactive module.

Issue: SPR-14597
pull/1199/head
Brian Clozel 10 years ago
parent
679b661e19
commit
7ae729480e
5 changed files with 87 additions and 27 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      spring-web-reactive/src/main/java/org/springframework/web/reactive/resource/AppCacheManifestTransformer.java
  2. 3
      spring-web-reactive/src/main/java/org/springframework/web/reactive/resource/CssLinkResourceTransformer.java
  3. 19
      spring-web-reactive/src/main/java/org/springframework/web/reactive/resource/ResourceTransformerSupport.java
  4. 43
      spring-web-reactive/src/test/java/org/springframework/web/reactive/resource/AppCacheManifestTransformerTests.java
  5. 46
      spring-web-reactive/src/test/java/org/springframework/web/reactive/resource/CssLinkResourceTransformerTests.java

3
spring-web-reactive/src/main/java/org/springframework/web/reactive/resource/AppCacheManifestTransformer.java
Unescape View File

@ -144,7 +144,8 @@ public class AppCacheManifestTransformer extends ResourceTransformerSupport {
return Mono.just(new LineOutput(info.getLine(), null)); return Mono.just(new LineOutput(info.getLine(), null));
} }
Mono<String> pathMono = resolveUrlPath(info.getLine(), exchange, resource, chain) String link = toAbsolutePath(info.getLine(), exchange.getRequest());
Mono<String> pathMono = resolveUrlPath(link, exchange, resource, chain)
.doOnNext(path -> { .doOnNext(path -> {
if (logger.isTraceEnabled()) { if (logger.isTraceEnabled()) {
logger.trace("Link modified: " + path + " (original: " + info.getLine() + ")"); logger.trace("Link modified: " + path + " (original: " + info.getLine() + ")");

3
spring-web-reactive/src/main/java/org/springframework/web/reactive/resource/CssLinkResourceTransformer.java
Unescape View File

@ -102,7 +102,8 @@ public class CssLinkResourceTransformer extends ResourceTransformerSupport {
.concatMap(segment -> { .concatMap(segment -> {
String segmentContent = segment.getContent(fullContent); String segmentContent = segment.getContent(fullContent);
if (segment.isLink() && !hasScheme(segmentContent)) { if (segment.isLink() && !hasScheme(segmentContent)) {
return resolveUrlPath(segmentContent, exchange, newResource, transformerChain) String link = toAbsolutePath(segmentContent, exchange.getRequest());
return resolveUrlPath(link, exchange, newResource, transformerChain)
.defaultIfEmpty(segmentContent); .defaultIfEmpty(segmentContent);
} }
else { else {

19
spring-web-reactive/src/main/java/org/springframework/web/reactive/resource/ResourceTransformerSupport.java
Unescape View File

@ -21,6 +21,8 @@ import java.util.Collections;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import org.springframework.core.io.Resource; import org.springframework.core.io.Resource;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange; import org.springframework.web.server.ServerWebExchange;
/** /**
@ -72,7 +74,7 @@ public abstract class ResourceTransformerSupport implements ResourceTransformer
if (resourcePath.startsWith("/")) { if (resourcePath.startsWith("/")) {
// full resource path // full resource path
ResourceUrlProvider urlProvider = getResourceUrlProvider(); ResourceUrlProvider urlProvider = getResourceUrlProvider();
return (urlProvider != null ? urlProvider.getForRequestUrl(exchange, resourcePath) : null); return (urlProvider != null ? urlProvider.getForRequestUrl(exchange, resourcePath) : Mono.empty());
} }
else { else {
// try resolving as relative path // try resolving as relative path
@ -81,4 +83,19 @@ public abstract class ResourceTransformerSupport implements ResourceTransformer
} }
} }
/**
* Transform the given relative request path to an absolute path,
* taking the path of the given request as a point of reference.
* The resulting path is also cleaned from sequences like "path/..".
*
* @param path the relative path to transform
* @param request the referer request
* @return the absolute request path for the given resource path
*/
protected String toAbsolutePath(String path, ServerHttpRequest request) {
String requestPath = request.getURI().getPath();
String absolutePath = StringUtils.applyRelativePath(requestPath, path);
return StringUtils.cleanPath(absolutePath);
}
} }

43
spring-web-reactive/src/test/java/org/springframework/web/reactive/resource/AppCacheManifestTransformerTests.java
Unescape View File

@ -61,18 +61,35 @@ public class AppCacheManifestTransformerTests {
@Before @Before
public void setup() { public void setup() {
ClassPathResource allowedLocation = new ClassPathResource("test/", getClass());
ResourceWebHandler resourceHandler = new ResourceWebHandler();
ResourceUrlProvider resourceUrlProvider = new ResourceUrlProvider();
resourceUrlProvider.setHandlerMap(Collections.singletonMap("/static/**", resourceHandler));
VersionResourceResolver versionResolver = new VersionResourceResolver();
versionResolver.setStrategyMap(Collections.singletonMap("/**", new ContentVersionStrategy()));
PathResourceResolver pathResolver = new PathResourceResolver();
pathResolver.setAllowedLocations(allowedLocation);
List<ResourceResolver> resolvers = Arrays.asList(versionResolver, pathResolver);
ResourceResolverChain resolverChain = new DefaultResourceResolverChain(resolvers);
CssLinkResourceTransformer cssLinkResourceTransformer = new CssLinkResourceTransformer();
cssLinkResourceTransformer.setResourceUrlProvider(resourceUrlProvider);
List<ResourceTransformer> transformers = Arrays.asList(cssLinkResourceTransformer);
this.chain = new DefaultResourceTransformerChain(resolverChain, transformers);
this.transformer = new AppCacheManifestTransformer(); this.transformer = new AppCacheManifestTransformer();
this.chain = mock(ResourceTransformerChain.class); this.transformer.setResourceUrlProvider(resourceUrlProvider);
MockServerHttpRequest request = new MockServerHttpRequest(HttpMethod.GET, ""); resourceHandler.setResourceResolvers(resolvers);
ServerHttpResponse response = new MockServerHttpResponse(); resourceHandler.setResourceTransformers(transformers);
WebSessionManager manager = new DefaultWebSessionManager(); resourceHandler.setLocations(Collections.singletonList(allowedLocation));
this.exchange = new DefaultServerWebExchange(request, response, manager);
} }
@Test @Test
public void noTransformIfExtensionNoMatch() throws Exception { public void noTransformIfExtensionNoMatch() throws Exception {
initExchange(HttpMethod.GET, "/static/foobar.file");
this.chain = mock(ResourceTransformerChain.class);
Resource resource = mock(Resource.class); Resource resource = mock(Resource.class);
given(resource.getFilename()).willReturn("foobar.file"); given(resource.getFilename()).willReturn("foobar.file");
given(this.chain.transform(this.exchange, resource)).willReturn(Mono.just(resource)); given(this.chain.transform(this.exchange, resource)).willReturn(Mono.just(resource));
@ -83,6 +100,8 @@ public class AppCacheManifestTransformerTests {
@Test @Test
public void syntaxErrorInManifest() throws Exception { public void syntaxErrorInManifest() throws Exception {
initExchange(HttpMethod.GET, "/static/error.appcache");
this.chain = mock(ResourceTransformerChain.class);
Resource resource = new ClassPathResource("test/error.appcache", getClass()); Resource resource = new ClassPathResource("test/error.appcache", getClass());
given(this.chain.transform(this.exchange, resource)).willReturn(Mono.just(resource)); given(this.chain.transform(this.exchange, resource)).willReturn(Mono.just(resource));
@ -92,7 +111,7 @@ public class AppCacheManifestTransformerTests {
@Test @Test
public void transformManifest() throws Exception { public void transformManifest() throws Exception {
initExchange(HttpMethod.GET, "/static/test.appcache");
VersionResourceResolver versionResolver = new VersionResourceResolver(); VersionResourceResolver versionResolver = new VersionResourceResolver();
versionResolver.setStrategyMap(Collections.singletonMap("/**", new ContentVersionStrategy())); versionResolver.setStrategyMap(Collections.singletonMap("/**", new ContentVersionStrategy()));
@ -112,11 +131,11 @@ public class AppCacheManifestTransformerTests {
String content = new String(bytes, "UTF-8"); String content = new String(bytes, "UTF-8");
assertThat("should rewrite resource links", content, assertThat("should rewrite resource links", content,
Matchers.containsString("foo-e36d2e05253c6c7085a91522ce43a0b4.css")); Matchers.containsString("/static/foo-e36d2e05253c6c7085a91522ce43a0b4.css"));
assertThat("should rewrite resource links", content, assertThat("should rewrite resource links", content,
Matchers.containsString("bar-11e16cf79faee7ac698c805cf28248d2.css")); Matchers.containsString("/static/bar-11e16cf79faee7ac698c805cf28248d2.css"));
assertThat("should rewrite resource links", content, assertThat("should rewrite resource links", content,
Matchers.containsString("js/bar-bd508c62235b832d960298ca6c0b7645.js")); Matchers.containsString("/static/js/bar-bd508c62235b832d960298ca6c0b7645.js"));
assertThat("should not rewrite external resources", content, assertThat("should not rewrite external resources", content,
Matchers.containsString("//example.org/style.css")); Matchers.containsString("//example.org/style.css"));
@ -127,4 +146,10 @@ public class AppCacheManifestTransformerTests {
Matchers.containsString("# Hash: 4bf0338bcbeb0a5b3a4ec9ed8864107d")); Matchers.containsString("# Hash: 4bf0338bcbeb0a5b3a4ec9ed8864107d"));
} }
private void initExchange(HttpMethod method, String url) {
MockServerHttpRequest request = new MockServerHttpRequest(method, url);
ServerHttpResponse response = new MockServerHttpResponse();
WebSessionManager manager = new DefaultWebSessionManager();
this.exchange = new DefaultServerWebExchange(request, response, manager);
}
} }

46
spring-web-reactive/src/test/java/org/springframework/web/reactive/resource/CssLinkResourceTransformerTests.java
Unescape View File

@ -52,39 +52,45 @@ public class CssLinkResourceTransformerTests {
@Before @Before
public void setUp() { public void setUp() {
ClassPathResource allowedLocation = new ClassPathResource("test/", getClass());
ResourceWebHandler resourceHandler = new ResourceWebHandler();
ResourceUrlProvider resourceUrlProvider = new ResourceUrlProvider();
resourceUrlProvider.setHandlerMap(Collections.singletonMap("/static/**", resourceHandler));
VersionResourceResolver versionResolver = new VersionResourceResolver(); VersionResourceResolver versionResolver = new VersionResourceResolver();
versionResolver.setStrategyMap(Collections.singletonMap("/**", new ContentVersionStrategy())); versionResolver.setStrategyMap(Collections.singletonMap("/**", new ContentVersionStrategy()));
PathResourceResolver pathResolver = new PathResourceResolver(); PathResourceResolver pathResolver = new PathResourceResolver();
pathResolver.setAllowedLocations(new ClassPathResource("test/", getClass())); pathResolver.setAllowedLocations(allowedLocation);
List<ResourceResolver> resolvers = Arrays.asList(versionResolver, pathResolver); List<ResourceResolver> resolvers = Arrays.asList(versionResolver, pathResolver);
List<ResourceTransformer> transformers = Collections.singletonList(new CssLinkResourceTransformer());
CssLinkResourceTransformer cssLinkResourceTransformer = new CssLinkResourceTransformer();
cssLinkResourceTransformer.setResourceUrlProvider(resourceUrlProvider);
List<ResourceTransformer> transformers = Collections.singletonList(cssLinkResourceTransformer);
resourceHandler.setResourceResolvers(resolvers);
resourceHandler.setResourceTransformers(transformers);
resourceHandler.setLocations(Collections.singletonList(allowedLocation));
ResourceResolverChain resolverChain = new DefaultResourceResolverChain(resolvers); ResourceResolverChain resolverChain = new DefaultResourceResolverChain(resolvers);
this.transformerChain = new DefaultResourceTransformerChain(resolverChain, transformers); this.transformerChain = new DefaultResourceTransformerChain(resolverChain, transformers);
MockServerHttpRequest request = new MockServerHttpRequest(HttpMethod.GET, "");
ServerHttpResponse response = new MockServerHttpResponse();
WebSessionManager manager = new DefaultWebSessionManager();
this.exchange = new DefaultServerWebExchange(request, response, manager);
} }
@Test @Test
public void transform() throws Exception { public void transform() throws Exception {
initExchange(HttpMethod.GET, "/static/main.css");
Resource css = new ClassPathResource("test/main.css", getClass()); Resource css = new ClassPathResource("test/main.css", getClass());
TransformedResource actual = TransformedResource actual =
(TransformedResource) this.transformerChain.transform(this.exchange, css) (TransformedResource) this.transformerChain.transform(this.exchange, css)
.blockMillis(5000); .blockMillis(5000);
String expected = "\n" + String expected = "\n" +
"@import url(\"bar-11e16cf79faee7ac698c805cf28248d2.css\");\n" + "@import url(\"/static/bar-11e16cf79faee7ac698c805cf28248d2.css\");\n" +
"@import url('bar-11e16cf79faee7ac698c805cf28248d2.css');\n" + "@import url('/static/bar-11e16cf79faee7ac698c805cf28248d2.css');\n" +
"@import url(bar-11e16cf79faee7ac698c805cf28248d2.css);\n\n" + "@import url(/static/bar-11e16cf79faee7ac698c805cf28248d2.css);\n\n" +
"@import \"foo-e36d2e05253c6c7085a91522ce43a0b4.css\";\n" + "@import \"/static/foo-e36d2e05253c6c7085a91522ce43a0b4.css\";\n" +
"@import 'foo-e36d2e05253c6c7085a91522ce43a0b4.css';\n\n" + "@import '/static/foo-e36d2e05253c6c7085a91522ce43a0b4.css';\n\n" +
"body { background: url(\"images/image-f448cd1d5dba82b774f3202c878230b3.png\") }\n"; "body { background: url(\"/static/images/image-f448cd1d5dba82b774f3202c878230b3.png\") }\n";
String result = new String(actual.getByteArray(), "UTF-8"); String result = new String(actual.getByteArray(), "UTF-8");
result = StringUtils.deleteAny(result, "\r"); result = StringUtils.deleteAny(result, "\r");
@ -93,6 +99,7 @@ public class CssLinkResourceTransformerTests {
@Test @Test
public void transformNoLinks() throws Exception { public void transformNoLinks() throws Exception {
initExchange(HttpMethod.GET, "/static/foo.css");
Resource expected = new ClassPathResource("test/foo.css", getClass()); Resource expected = new ClassPathResource("test/foo.css", getClass());
Resource actual = this.transformerChain.transform(this.exchange, expected).blockMillis(5000); Resource actual = this.transformerChain.transform(this.exchange, expected).blockMillis(5000);
assertSame(expected, actual); assertSame(expected, actual);
@ -100,6 +107,7 @@ public class CssLinkResourceTransformerTests {
@Test @Test
public void transformExtLinksNotAllowed() throws Exception { public void transformExtLinksNotAllowed() throws Exception {
initExchange(HttpMethod.GET, "/static/external.css");
ResourceResolverChain resolverChain = Mockito.mock(DefaultResourceResolverChain.class); ResourceResolverChain resolverChain = Mockito.mock(DefaultResourceResolverChain.class);
ResourceTransformerChain transformerChain = new DefaultResourceTransformerChain(resolverChain, ResourceTransformerChain transformerChain = new DefaultResourceTransformerChain(resolverChain,
Collections.singletonList(new CssLinkResourceTransformer())); Collections.singletonList(new CssLinkResourceTransformer()));
@ -125,9 +133,17 @@ public class CssLinkResourceTransformerTests {
@Test @Test
public void transformWithNonCssResource() throws Exception { public void transformWithNonCssResource() throws Exception {
initExchange(HttpMethod.GET, "/static/images/image.png");
Resource expected = new ClassPathResource("test/images/image.png", getClass()); Resource expected = new ClassPathResource("test/images/image.png", getClass());
Resource actual = this.transformerChain.transform(this.exchange, expected).blockMillis(5000); Resource actual = this.transformerChain.transform(this.exchange, expected).blockMillis(5000);
assertSame(expected, actual); assertSame(expected, actual);
} }
private void initExchange(HttpMethod method, String url) {
MockServerHttpRequest request = new MockServerHttpRequest(method, url);
ServerHttpResponse response = new MockServerHttpResponse();
WebSessionManager manager = new DefaultWebSessionManager();
this.exchange = new DefaultServerWebExchange(request, response, manager);
}
} }

Write Preview
Loading…
Cancel
Save