-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[io/http] Validate method name passed to HttpClient.open/openUrl.
There should be no control characters or delimiters in method name provided to open/openUrl methods. Fixes #45744 TEST=http_open_method_validate_test Change-Id: I0db98f2376c980a054420fb447d4f7ef9321f1a9 Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/256429 Reviewed-by: Siva Annamalai <asiva@google.com> Reviewed-by: Brian Quinlan <bquinlan@google.com> Commit-Queue: Alexander Aprelev <aam@google.com>
- Loading branch information
Showing
9 changed files
with
115 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
// Copyright (c) 2022, the Dart project authors. Please see the AUTHORS file | ||
// for details. All rights reserved. Use of this source code is governed by a | ||
// BSD-style license that can be found in the LICENSE file. | ||
// | ||
// Verify that HttpClient open, openUrl method argument is validated. | ||
|
||
import "dart:io"; | ||
import "package:expect/expect.dart"; | ||
|
||
void testInvalidArgumentException(String method) { | ||
Expect.throws(() => HttpClient()..open(method, "127.0.0.1", 8080, "/"), | ||
(e) => e is ArgumentError); | ||
Expect.throws( | ||
() => HttpClient()..openUrl(method, Uri.parse("http://127.0.0.1/")), | ||
(e) => e is ArgumentError); | ||
} | ||
|
||
main() { | ||
const String separators = "\t\n\r()<>@,;:\\/[]?={}"; | ||
for (int i = 0; i < separators.length; i++) { | ||
String separator = separators.substring(i, i + 1); | ||
testInvalidArgumentException(separator); | ||
testInvalidArgumentException(separator + "CONNECT"); | ||
testInvalidArgumentException("CONN" + separator + "ECT"); | ||
testInvalidArgumentException("CONN" + separator + separator + "ECT"); | ||
testInvalidArgumentException("CONNECT" + separator); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
// Copyright (c) 2022, the Dart project authors. Please see the AUTHORS file | ||
// for details. All rights reserved. Use of this source code is governed by a | ||
// BSD-style license that can be found in the LICENSE file. | ||
// | ||
// Verify that HttpClient open, openUrl method argument is validated. | ||
|
||
// @dart = 2.9 | ||
|
||
import "dart:io"; | ||
import "package:expect/expect.dart"; | ||
|
||
void testInvalidArgumentException(String method) { | ||
Expect.throws(() => HttpClient()..open(method, "127.0.0.1", 8080, "/"), | ||
(e) => e is ArgumentError); | ||
Expect.throws( | ||
() => HttpClient()..openUrl(method, Uri.parse("http://127.0.0.1/")), | ||
(e) => e is ArgumentError); | ||
} | ||
|
||
main() { | ||
const String separators = "\t\n\r()<>@,;:\\/[]?={}"; | ||
for (int i = 0; i < separators.length; i++) { | ||
String separator = separators.substring(i, i + 1); | ||
testInvalidArgumentException(separator); | ||
testInvalidArgumentException(separator + "CONNECT"); | ||
testInvalidArgumentException("CONN" + separator + "ECT"); | ||
testInvalidArgumentException("CONN" + separator + separator + "ECT"); | ||
testInvalidArgumentException("CONNECT" + separator); | ||
} | ||
} |