Factor our validateURL method to allow external testing of proxyBaseURL

src/wfs/src/main/java/org/vfny/geoserver/wfs/servlets/TestWfsPost.java

@@ -194,7 +194,8 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
 
             try {
                 URL u = new URL(urlString);
-                validateURL(request, urlString);
+                GeoServer geoServer = (GeoServer) GeoServerExtensions.bean("geoServer");
+                validateURL(request, urlString, geoServer.getGlobal().getSettings().getProxyBaseUrl() );
                 java.net.HttpURLConnection acon = (java.net.HttpURLConnection) u.openConnection();
                 acon.setAllowUserInteraction(false);
 
@@ -313,9 +314,7 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
         }
     }
 
-    private void validateURL(HttpServletRequest request, String url) {
-        GeoServer geoServer = (GeoServer) GeoServerExtensions.bean("geoServer");
-        String proxyBase = geoServer.getGlobal().getSettings().getProxyBaseUrl();
+    void validateURL(HttpServletRequest request, String url, String proxyBase) {
         if(proxyBase != null) {
             if(!url.startsWith(proxyBase)) {
                 throw new IllegalArgumentException("Invalid url requested, the demo requests should be hitting: " + proxyBase);

src/wfs/src/test/java/org/geoserver/wfs/servlets/TestWfsPostTest.java → src/wfs/src/test/java/org/vfny/geoserver/wfs/servlets/TestWfsPostTest.java

@@ -2,9 +2,10 @@
  * This code is licensed under the GPL 2.0 license, available at the root
  * application directory.
  */
-package org.geoserver.wfs.servlets;
+package org.vfny.geoserver.wfs.servlets;
 
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
 import org.geoserver.ows.util.ResponseUtils;
 import org.geoserver.platform.GeoServerExtensions;
@@ -50,19 +51,17 @@ public void testDisallowOpenProxy() throws Exception {
 
     @Test
     public void testDisallowOpenProxyWithProxyBase() throws Exception {
-        System.setProperty(PROXY_BASE_URL, "http://geoserver.org/geoserver");
+        TestWfsPost servlet = new TestWfsPost();
+        MockHttpServletRequest request = buildMockRequest();
+        request.setParameter("url", "http://localhost:1234/internalApp");
+        request.setMethod("GET");
+
         try {
-            TestWfsPost servlet = new TestWfsPost();
-            MockHttpServletRequest request = buildMockRequest();
-            request.setParameter("url", "http://localhost:1234/internalApp");
-            request.setMethod("GET");
-            MockHttpServletResponse response = new MockHttpServletResponse();
-            servlet.service(request, response);
-            // System.out.println(response.getContentAsString());
-            // check xml chars have been escaped
-            assertTrue(response.getContentAsString().contains("Invalid url requested, the demo requests should be hitting: http://geoserver.org/geoserver"));
-        } finally {
-            System.clearProperty(PROXY_BASE_URL);
+            servlet.validateURL(request, "http://localhost:1234/internalApp", "http://geoserver.org/geoserver");
+            fail("Requests should be limited by proxyBaseURL");
+        }
+        catch( IllegalArgumentException expected){
+            assertTrue(expected.getMessage().contains("Invalid url requested, the demo requests should be hitting: http://geoserver.org/geoserver"));
         }
     }