#193 Adding a non-ActiveWeb annotation on action method causes IllegalArgumentException

Igor Polevoy · Igor Polevoy · commit 97da71dfee7c · 2015-12-10T21:38:20.000-06:00
diff --git a/activeweb/src/main/java/org/javalite/activeweb/AppController.java b/activeweb/src/main/java/org/javalite/activeweb/AppController.java
@@ -198,9 +198,11 @@ protected List<HttpMethod> allowedActions(String actionMethodName) {
             if (annotations.length == 0) {
                 return Collections.singletonList(HttpMethod.GET);
             } else {
-                List<HttpMethod> res = new ArrayList<HttpMethod>();
+                List<HttpMethod> res = new ArrayList<>();
                 for (Annotation annotation : annotations) {
-                    res.add(HttpMethod.valueOf(annotation.annotationType().getSimpleName()));
+                    try {
+                        res.add(HttpMethod.valueOf(annotation.annotationType().getSimpleName()));
+                    } catch (IllegalArgumentException ignore) {} // we do not know this annotation
                 }
                 return res;
             }
diff --git a/activeweb/src/test/java/app/controllers/BlahAnnotation.java b/activeweb/src/test/java/app/controllers/BlahAnnotation.java
@@ -0,0 +1,13 @@
+package app.controllers;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * @author Igor Polevoy on 12/10/15.
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.METHOD)
+public @interface BlahAnnotation {}
diff --git a/activeweb/src/test/java/app/controllers/Issue193Controller.java b/activeweb/src/test/java/app/controllers/Issue193Controller.java
@@ -0,0 +1,15 @@
+package app.controllers;
+
+import org.javalite.activeweb.AppController;
+import org.javalite.activeweb.annotations.GET;
+
+/**
+ * @author Igor Polevoy on 12/10/15.
+ */
+public class Issue193Controller extends AppController {
+
+    @GET @BlahAnnotation
+    public void index(){
+        respond("ok");
+    }
+}
diff --git a/activeweb/src/test/java/org/javalite/activeweb/Issue193Spec.java b/activeweb/src/test/java/org/javalite/activeweb/Issue193Spec.java
@@ -0,0 +1,22 @@
+package org.javalite.activeweb;
+
+import org.junit.Test;
+
+import javax.servlet.ServletException;
+import java.io.IOException;
+
+/**
+ * @author Igor Polevoy on 12/10/15.
+ */
+public class Issue193Spec extends RequestSpec{
+
+    @Test //https://github.com/javalite/activeweb/issues/244
+    public void shouldSanitizeBadContent() throws IOException, ServletException {
+        request.setServletPath("/issue193");
+        request.setMethod("GET");
+
+        dispatcher.doFilter(request, response, filterChain);
+        String result = response.getContentAsString();
+        a(result).shouldBeEqual("ok");
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -198,9 +198,11 @@ protected List<HttpMethod> allowedActions(String actionMethodName) {`
`198`	`198`	`if (annotations.length == 0) {`
`199`	`199`	`return Collections.singletonList(HttpMethod.GET);`
`200`	`200`	`} else {`
`201`		`- List<HttpMethod> res = new ArrayList<HttpMethod>();`
	`201`	`+ List<HttpMethod> res = new ArrayList<>();`
`202`	`202`	`for (Annotation annotation : annotations) {`
`203`		`- res.add(HttpMethod.valueOf(annotation.annotationType().getSimpleName()));`
	`203`	`+ try {`
	`204`	`+ res.add(HttpMethod.valueOf(annotation.annotationType().getSimpleName()));`
	`205`	`+ } catch (IllegalArgumentException ignore) {} // we do not know this annotation`
`204`	`206`	`}`
`205`	`207`	`return res;`
`206`	`208`	`}`