GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

AntRegexRequestMatcher Optimization 

Closes gh-11234
5.3.x
Rob Winch 4 years ago
parent
9059fb3fc7
commit
7f121e82f4
2 changed files with 23 additions and 8 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      web/src/main/java/org/springframework/security/web/util/matcher/RegexRequestMatcher.java
  2. 16
      web/src/test/java/org/springframework/security/web/util/matcher/RegexRequestMatcherTests.java

15
web/src/main/java/org/springframework/security/web/util/matcher/RegexRequestMatcher.java
Unescape View File

@ -40,8 +40,13 @@ import org.springframework.util.StringUtils; @@ -40,8 +40,13 @@ import org.springframework.util.StringUtils;
* @since 3.1
*/
public final class RegexRequestMatcher implements RequestMatcher {
private final static Log logger = LogFactory.getLog(RegexRequestMatcher.class);
private static final int DEFAULT = Pattern.DOTALL;
private static final int CASE_INSENSITIVE = DEFAULT | Pattern.CASE_INSENSITIVE;
private final Pattern pattern;
private final HttpMethod httpMethod;
@ -64,14 +69,8 @@ public final class RegexRequestMatcher implements RequestMatcher { @@ -64,14 +69,8 @@ public final class RegexRequestMatcher implements RequestMatcher {
* {@link Pattern#CASE_INSENSITIVE} flag set.
*/
public RegexRequestMatcher(String pattern, String httpMethod, boolean caseInsensitive) {
if (caseInsensitive) {
this.pattern = Pattern.compile(pattern, Pattern.CASE_INSENSITIVE);
}
else {
this.pattern = Pattern.compile(pattern);
}
this.httpMethod = StringUtils.hasText(httpMethod) ? HttpMethod
.valueOf(httpMethod) : null;
this.pattern = Pattern.compile(pattern, caseInsensitive ? CASE_INSENSITIVE : DEFAULT);
this.httpMethod = StringUtils.hasText(httpMethod) ? HttpMethod.valueOf(httpMethod) : null;
}
/**

16
web/src/test/java/org/springframework/security/web/util/matcher/RegexRequestMatcherTests.java
Unescape View File

@ -108,6 +108,22 @@ public class RegexRequestMatcherTests { @@ -108,6 +108,22 @@ public class RegexRequestMatcherTests {
assertThat(matcher.matches(request)).isFalse();
}
@Test
public void matchesWithCarriageReturn() {
RegexRequestMatcher matcher = new RegexRequestMatcher(".*", null);
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/blah%0a");
request.setServletPath("/blah\n");
assertThat(matcher.matches(request)).isTrue();
}
@Test
public void matchesWithLineFeed() {
RegexRequestMatcher matcher = new RegexRequestMatcher(".*", null);
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/blah%0d");
request.setServletPath("/blah\r");
assertThat(matcher.matches(request)).isTrue();
}
@Test
public void toStringThenFormatted() {
RegexRequestMatcher matcher = new RegexRequestMatcher("/blah", "GET");

Write Preview
Loading…
Cancel
Save