Decode urls before storing in the state

hdiv · Feb 14, 2014 · b3ec18e · b3ec18e
1 parent 7a2cd3b
commit b3ec18e
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 3 deletions.
diff --git a/hdiv-core/src/main/java/org/hdiv/dataComposer/DataComposerMemory.java b/hdiv-core/src/main/java/org/hdiv/dataComposer/DataComposerMemory.java
@@ -15,6 +15,7 @@
  */
 package org.hdiv.dataComposer;
 
+import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
 
 import org.apache.commons.logging.Log;
@@ -371,13 +372,14 @@ protected IParameter composeParameter(String parameterName, String value, boolea
 			parameter.addValue(decodedValue);
 		} else {
 			// create a new parameter and add to the request
-			parameter = createParameter(parameterName, decodedValue, editable, editableDataType, isActionParam, charEncoding);
+			parameter = createParameter(parameterName, decodedValue, editable, editableDataType, isActionParam,
+					charEncoding);
 			state.addParameter(parameter);
 		}
 
 		return parameter;
 	}
-	
+
 	/**
 	 * Instantiates the parameter
 	 * 
@@ -457,7 +459,7 @@ private String getDecodedValue(String value, String charEncoding) {
 		String decodedValue = null;
 		try {
 			decodedValue = URLDecoder.decode(value, charEncoding);
-		} catch (Exception e) {
+		} catch (UnsupportedEncodingException e) {
 			decodedValue = value;
 		}
 
@@ -498,6 +500,11 @@ public String beginRequest() {
 	 */
 	public String beginRequest(String action) {
 
+		try {
+			action = URLDecoder.decode(action, Constants.ENCODING_UTF_8);
+		} catch (UnsupportedEncodingException e) {
+		}
+
 		// Create new IState
 		IState state = new State(this.requestCounter);
 		state.setAction(action);

diff --git a/hdiv-core/src/test/java/org/hdiv/dataComposer/DataComposerMemoryTest.java b/hdiv-core/src/test/java/org/hdiv/dataComposer/DataComposerMemoryTest.java
@@ -261,4 +261,39 @@ public void testSaveStateInCreation() {
 
 		dataComposer.endPage();
 	}
+
+	public void testEncodeFormAction() {
+
+		// No encoded url
+		HttpServletRequest request = HDIVUtil.getHttpServletRequest();
+		IDataComposer dataComposer = this.dataComposerFactory.newInstance(request);
+		HDIVUtil.setDataComposer(dataComposer, request);
+
+		dataComposer.startPage();
+		dataComposer.beginRequest("test test.do");
+		String stateId = dataComposer.endRequest();
+		dataComposer.endPage();
+
+		assertNotNull(stateId);
+
+		IState state = this.stateUtil.restoreState(stateId);
+
+		assertEquals("test test.do", state.getAction());
+
+		// Encoded action url
+		dataComposer = this.dataComposerFactory.newInstance(request);
+		HDIVUtil.setDataComposer(dataComposer, request);
+
+		dataComposer.startPage();
+		dataComposer.beginRequest("test%20test.do");
+		stateId = dataComposer.endRequest();
+		dataComposer.endPage();
+
+		assertNotNull(stateId);
+
+		state = this.stateUtil.restoreState(stateId);
+
+		// State action value is decoded because we store decoded values only
+		assertEquals("test test.do", state.getAction());
+	}
 }
diff --git a/hdiv-core/src/test/java/org/hdiv/filter/ValidatorHelperTest.java b/hdiv-core/src/test/java/org/hdiv/filter/ValidatorHelperTest.java
@@ -447,4 +447,19 @@ public void testValidateWhitespace() {
 		RequestWrapper requestWrapper = new RequestWrapper(request);
 		assertTrue(helper.validate(requestWrapper).isValid());
 	}
+
+	public void testValidateEncoded() {
+
+		MockHttpServletRequest request = (MockHttpServletRequest) HDIVUtil.getHttpServletRequest();
+
+		this.dataComposer.beginRequest("/path/test%20Action.do");
+		String pageState = this.dataComposer.endRequest();
+		this.dataComposer.endPage();
+
+		request.setRequestURI("/path/test%20Action.do");
+		request.addParameter(hdivParameter, pageState);
+
+		RequestWrapper requestWrapper = new RequestWrapper(request);
+		assertTrue(helper.validate(requestWrapper).isValid());
+	}
 }