
Reject user names with "%2F" in STOMP

Closes gh-23836
pull/24089/head
Rossen Stoyanchev 5 years ago
parent
commit
30d68f2de7
  1. 3
      spring-messaging/src/main/java/org/springframework/messaging/simp/SimpMessagingTemplate.java
  2. 3
      spring-messaging/src/main/java/org/springframework/messaging/simp/user/DefaultUserDestinationResolver.java
  3. 7
      spring-messaging/src/test/java/org/springframework/messaging/simp/SimpMessagingTemplateTests.java
  4. 10
      spring-messaging/src/test/java/org/springframework/messaging/simp/user/DefaultUserDestinationResolverTests.java

3
spring-messaging/src/main/java/org/springframework/messaging/simp/SimpMessagingTemplate.java

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 the original author or authors.
* Copyright 2002-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -224,6 +224,7 @@ public class SimpMessagingTemplate extends AbstractMessageSendingTemplate<String @@ -224,6 +224,7 @@ public class SimpMessagingTemplate extends AbstractMessageSendingTemplate<String
throws MessagingException {
Assert.notNull(user, "User must not be null");
Assert.isTrue(!user.contains("%2F"), "Invalid sequence \"%2F\" in user name: " + user);
user = StringUtils.replace(user, "/", "%2F");
destination = destination.startsWith("/") ? destination : "/" + destination;
super.convertAndSend(this.destinationPrefix + user + destination, payload, headers, postProcessor);
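Review bot: The new guard `Assert.isTrue(!user.contains("%2F"), ...)` is case-sensitive, so a user name containing lowercase `%2f` passes it; whether that is a gap depends on how the encoded name is decoded on the resolver side, which is not visible in this hunk. If that decode is a literal `%2F` replace the two agree and lowercase is harmless, but if it ever goes through a percent-decoder (which treats `%2f` and `%2F` alike) the lowercase form would survive this check and still collapse to `/` on the way back. Either make the check hold in both cases, `Assert.isTrue(!user.toLowerCase(Locale.ROOT).contains("%2f"), "Invalid sequence \"%2F\" in user name: " + user);` (needs `java.util.Locale`), or record the assumption next to the line: `// Only the literal "%2F" is decoded back to "/" by the resolver, so a case-sensitive check is sufficient.` The enclosing convertAndSendToUser method starts before and ends after this hunk.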

3
spring-messaging/src/main/java/org/springframework/messaging/simp/user/DefaultUserDestinationResolver.java

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 the original author or authors.
* Copyright 2002-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -203,6 +203,7 @@ public class DefaultUserDestinationResolver implements UserDestinationResolver { @@ -203,6 +203,7 @@ public class DefaultUserDestinationResolver implements UserDestinationResolver {
}
Principal principal = SimpMessageHeaderAccessor.getUser(headers);
String user = (principal != null ? principal.getName() : null);
Assert.isTrue(user == null || !user.contains("%2F"), "Invalid sequence \"%2F\" in user name: " + user);
Set<String> sessionIds = Collections.singleton(sessionId);
return new ParseResult(sourceDestination, actualDestination, sourceDestination, sessionIds, user);
}
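Review bot: The reason for rejecting the principal name here deserves a comment, because a reader of `Assert.isTrue(user == null || !user.contains("%2F"), ...)` cannot tell from this line why an otherwise harmless substring is fatal; presumably a literal `%2F` in the name becomes indistinguishable from an encoded `/` once user destinations are decoded, so two different principals could resolve to the same destination. Suggested comment above the assertion: `// "%2F" is the encoded form of "/" in user destinations; a principal name containing it literally would be ambiguous once decoded, so refuse it rather than risk routing to another user's queue.` Note also that this fires on every SUBSCRIBE (and, if this parse path is shared, UNSUBSCRIBE) from such a session as an IllegalArgumentException, rather than refusing the session once at handshake; that is acceptable as a defence in depth, but worth stating in the class Javadoc so deployments with URL-like principal names know to normalise them upstream. The enclosing method starts above this hunk.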

7
spring-messaging/src/test/java/org/springframework/messaging/simp/SimpMessagingTemplateTests.java

@ -36,6 +36,7 @@ import org.springframework.messaging.support.NativeMessageHeaderAccessor; @@ -36,6 +36,7 @@ import org.springframework.messaging.support.NativeMessageHeaderAccessor;
import org.springframework.util.LinkedMultiValueMap;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
/**
* Unit tests for {@link org.springframework.messaging.simp.SimpMessagingTemplate}.
@ -86,6 +87,12 @@ public class SimpMessagingTemplateTests { @@ -86,6 +87,12 @@ public class SimpMessagingTemplateTests {
assertThat(headerAccessor.getDestination()).isEqualTo("/user/https:%2F%2Fjoe.openid.example.org%2F/queue/foo");
}
@Test // gh-23836
public void convertAndSendToUserWithInvalidSequence() {
assertThatIllegalArgumentException().isThrownBy(() ->
this.messagingTemplate.convertAndSendToUser("joe%2F", "/queue/foo", "data"));
}
@Test
public void convertAndSendWithCustomHeader() {
Map<String, Object> headers = Collections.<String, Object>singletonMap("key", "value");
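Review bot: The new test convertAndSendToUserWithInvalidSequence pins only a name that ends in uppercase `%2F`, so it would not catch a regression where the check is applied after the `/`-to-`%2F` replacement (which rejects every name containing `/`) or where the sequence sits mid-name. Two more inputs would make the intent explicit: `this.messagingTemplate.convertAndSendToUser("jo%2Fe", "/queue/foo", "data")` expecting the same exception, and a lowercase case, `"joe%2f"`, asserted one way or the other so the case-sensitivity of the check is a deliberate, tested decision rather than an accident. The existing test at the top of the hunk already covers that a name with a literal `/` is still accepted and encoded.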

10
spring-messaging/src/test/java/org/springframework/messaging/simp/user/DefaultUserDestinationResolverTests.java

@ -29,6 +29,7 @@ import org.springframework.messaging.support.MessageBuilder; @@ -29,6 +29,7 @@ import org.springframework.messaging.support.MessageBuilder;
import org.springframework.util.StringUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
@ -113,6 +114,15 @@ public class DefaultUserDestinationResolverTests { @@ -113,6 +114,15 @@ public class DefaultUserDestinationResolverTests {
assertThat(actual.getUser()).isNull();
}
@Test // gh-23836
public void handleSubscribeInvalidUserName() {
TestPrincipal user = new TestPrincipal("joe%2F");
String sourceDestination = "/user/queue/foo";
Message<?> message = createMessage(SimpMessageType.SUBSCRIBE, user, "123", sourceDestination);
assertThatIllegalArgumentException().isThrownBy(() -> this.resolver.resolveDestination(message));
}
@Test
public void handleUnsubscribe() {
TestPrincipal user = new TestPrincipal("joe");
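Review bot: handleSubscribeInvalidUserName exercises the rejection only for SUBSCRIBE; the handleUnsubscribe test right below suggests UNSUBSCRIBE goes through the same parse path, in which case one more test with `createMessage(SimpMessageType.UNSUBSCRIBE, user, "123", sourceDestination)` and the same `assertThatIllegalArgumentException()` would pin that both frame types are covered. It would also be worth asserting that a SEND to `/user/joe%2F/queue/foo` (where the name comes from the destination, not the Principal) is handled as intended, since that path is not touched by this hunk and its behaviour cannot be confirmed from here.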
