From 2528991890fa11d25ac3bb73d157aaa07c6dbe91 Mon Sep 17 00:00:00 2001 From: sogabe Date: Mon, 23 Jun 2008 18:14:35 +0000 Subject: [PATCH] Hudson checks if the container uses UTF-8 to decode URLs git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@10342 71c3de6d-444a-0410-be80-ed276b4c234a --- core/src/main/java/hudson/model/Hudson.java | 110 ++++++++++++------ .../hudson/model/Hudson/manage.jelly | 13 +++ .../hudson/model/Messages.properties | 6 +- .../hudson/model/Messages_ja.properties | 5 + 4 files changed, 95 insertions(+), 39 deletions(-) diff --git a/core/src/main/java/hudson/model/Hudson.java b/core/src/main/java/hudson/model/Hudson.java index 6883a10a97..67677200b0 100644 --- a/core/src/main/java/hudson/model/Hudson.java +++ b/core/src/main/java/hudson/model/Hudson.java @@ -1,27 +1,27 @@ package hudson.model; -import com.thoughtworks.xstream.XStream; +import static hudson.Util.fixEmpty; +import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST; +import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND; +import static org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY; import hudson.FeedAdapter; import hudson.FilePath; import hudson.Functions; import hudson.Launcher; -import hudson.Launcher.LocalLauncher; import hudson.Plugin; import hudson.PluginManager; import hudson.PluginWrapper; +import hudson.ProxyConfiguration; import hudson.StructuredForm; import hudson.TcpSlaveAgentListener; import hudson.Util; -import static hudson.Util.fixEmpty; import hudson.XmlFile; -import hudson.ProxyConfiguration; -import hudson.slaves.ComputerLauncher; -import hudson.slaves.RetentionStrategy; +import hudson.Launcher.LocalLauncher; import hudson.model.Descriptor.FormException; import hudson.model.listeners.ItemListener; import hudson.model.listeners.JobListener; -import hudson.model.listeners.JobListener.JobListenerAdapter; import hudson.model.listeners.SCMListener; +import hudson.model.listeners.JobListener.JobListenerAdapter; import hudson.remoting.LocalChannel; import hudson.remoting.VirtualChannel; import hudson.scm.CVSSCM; @@ -42,8 +42,10 @@ import hudson.security.Permission; import hudson.security.PermissionGroup; import hudson.security.SecurityMode; import hudson.security.SecurityRealm; -import hudson.security.SecurityRealm.SecurityComponents; import hudson.security.TokenBasedRememberMeServices2; +import hudson.security.SecurityRealm.SecurityComponents; +import hudson.slaves.ComputerLauncher; +import hudson.slaves.RetentionStrategy; import hudson.tasks.BuildStep; import hudson.tasks.BuildWrapper; import hudson.tasks.BuildWrappers; @@ -67,43 +69,15 @@ import hudson.util.RemotingDiagnostics; import hudson.util.TextFile; import hudson.util.XStream2; import hudson.widgets.Widget; -import net.sf.json.JSONObject; -import net.sf.json.JSONArray; -import org.acegisecurity.AccessDeniedException; -import org.acegisecurity.Authentication; -import org.acegisecurity.GrantedAuthority; -import org.acegisecurity.GrantedAuthorityImpl; -import org.acegisecurity.context.SecurityContextHolder; -import org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken; -import org.acegisecurity.ui.AbstractProcessingFilter; -import static org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY; -import org.apache.commons.fileupload.FileItem; -import org.apache.commons.fileupload.disk.DiskFileItemFactory; -import org.apache.commons.fileupload.servlet.ServletFileUpload; -import org.kohsuke.stapler.MetaClass; -import org.kohsuke.stapler.QueryParameter; -import org.kohsuke.stapler.Stapler; -import org.kohsuke.stapler.StaplerProxy; -import org.kohsuke.stapler.StaplerRequest; -import org.kohsuke.stapler.StaplerResponse; -import org.kohsuke.stapler.export.Exported; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST; -import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND; -import javax.servlet.http.HttpSession; import java.io.File; import java.io.FileFilter; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.io.PrintWriter; -import java.net.URL; import java.net.Proxy; +import java.net.URL; import java.security.SecureRandom; import java.text.NumberFormat; import java.text.ParseException; @@ -118,12 +92,12 @@ import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.Map.Entry; import java.util.Set; import java.util.Stack; import java.util.StringTokenizer; import java.util.TreeSet; import java.util.Vector; +import java.util.Map.Entry; import java.util.concurrent.Callable; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.CopyOnWriteArrayList; @@ -138,6 +112,33 @@ import java.util.logging.LogRecord; import java.util.logging.Logger; import java.util.regex.Pattern; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import net.sf.json.JSONArray; +import net.sf.json.JSONObject; + +import org.acegisecurity.AccessDeniedException; +import org.acegisecurity.Authentication; +import org.acegisecurity.GrantedAuthority; +import org.acegisecurity.GrantedAuthorityImpl; +import org.acegisecurity.context.SecurityContextHolder; +import org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken; +import org.acegisecurity.ui.AbstractProcessingFilter; +import org.kohsuke.stapler.MetaClass; +import org.kohsuke.stapler.QueryParameter; +import org.kohsuke.stapler.Stapler; +import org.kohsuke.stapler.StaplerProxy; +import org.kohsuke.stapler.StaplerRequest; +import org.kohsuke.stapler.StaplerResponse; +import org.kohsuke.stapler.export.Exported; + +import com.thoughtworks.xstream.XStream; + /** * Root object of the system. * @@ -2287,6 +2288,39 @@ public final class Hudson extends View implements ItemGroup, Node, rsp.sendError(HttpServletResponse.SC_NOT_FOUND); } + /** + * Checks if container uses UTF-8 to decode URLs. See + * http://hudson.gotdns.com/wiki/display/HUDSON/Tomcat#Tomcat-i18n + * + * @param req containing the parameter value + * @param rsp used by FormFieldValidator + * @throws IOException thrown by FormFieldValidator.check() + * @throws ServletException thrown by FormFieldValidator.check() + */ + public void doCheckURIEncoding(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException { + new FormFieldValidator(req, rsp, true) { + @Override + protected void check() throws IOException, ServletException { + request.setCharacterEncoding("UTF-8"); + // expected is non-ASCII String + final String expected = "\u57f7\u4e8b"; + final String value = fixEmpty(request.getParameter("value")); + if (!expected.equals(value)) { + warningWithMarkup(Messages.Hudson_NotUsesUTF8ToDecodeURL()); + return; + } + ok(); + } + }.process(); + } + + /** + * Does not check when system default encoding is "ISO-8859-1". + */ + public static boolean isCheckURIEncodingEnabled() { + return !"ISO-8859-1".equalsIgnoreCase(System.getProperty("file.encoding")); + } + /** * Extension list that {@link #doResources(StaplerRequest, StaplerResponse)} can serve. * This set is mutable to allow plugins to add additional extensions. diff --git a/core/src/main/resources/hudson/model/Hudson/manage.jelly b/core/src/main/resources/hudson/model/Hudson/manage.jelly index 1c05d87ca0..818993062d 100644 --- a/core/src/main/resources/hudson/model/Hudson/manage.jelly +++ b/core/src/main/resources/hudson/model/Hudson/manage.jelly @@ -19,6 +19,19 @@

${%Manage Hudson}

+ + + + ${%Configure global settings and paths.} diff --git a/core/src/main/resources/hudson/model/Messages.properties b/core/src/main/resources/hudson/model/Messages.properties index 0848e32a6a..3ad0b6132b 100644 --- a/core/src/main/resources/hudson/model/Messages.properties +++ b/core/src/main/resources/hudson/model/Messages.properties @@ -52,7 +52,11 @@ Hudson.ViewName=All Hudson.NotANumber=Not a number Hudson.NotAPositiveNumber=Not a positive number Hudson.NotANegativeNumber=Not a negative number - +Hudson.NotUsesUTF8ToDecodeURL=\ + Your container does''t use UTF-8 to decode URLs. If you use non-ASCII characters as a Job name etc, \ + See Containers or \ + Tomcat i18N. + Item.Permissions.Title=Job Job.AllRecentBuildFailed=All recent builds failed. diff --git a/core/src/main/resources/hudson/model/Messages_ja.properties b/core/src/main/resources/hudson/model/Messages_ja.properties index 276e52e9dc..cd474abea4 100644 --- a/core/src/main/resources/hudson/model/Messages_ja.properties +++ b/core/src/main/resources/hudson/model/Messages_ja.properties @@ -12,6 +12,11 @@ ExternalJob.DisplayName=\u5916\u90e8\u30b8\u30e7\u30d6\u306e\u76e3\u8996 FreeStyleProject.DisplayName=\u30d5\u30ea\u30fc\u30b9\u30bf\u30a4\u30eb\u30fb\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306e\u30d3\u30eb\u30c9 +Hudson.NotUsesUTF8ToDecodeURL=\ + URL\u304cUTF-8\u3067\u30c7\u30b3\u30fc\u30c9\u3055\u308c\u3066\u3044\u307e\u305b\u3093\u3002\u30b8\u30e7\u30d6\u540d\u306a\u3069\u306bnon-ASCII\u306a\u6587\u5b57\u3092\u4f7f\u7528\u3059\u308b\u5834\u5408\u306f\u3001\ + \u30b3\u30f3\u30c6\u30ca\u306e\u8a2d\u5b9a\u3084\ + Tomcat i18N\u3092\u53c2\u8003\u306b\u8a2d\u5b9a\u3057\u3066\u304f\u3060\u3055\u3044\u3002 + Job.AllRecentBuildFailed=\u6700\u8fd1\u306e\u5168\u3066\u306e\u30d3\u30eb\u30c9\u306f\u5931\u6557\u3057\u307e\u3057\u305f\u3002 Job.BuildStability=\u5b89\u5b9a\u3057\u305f\u30d3\u30eb\u30c9: {0} Job.NOfMFailed=\u6700\u8fd1\u306e{1}\u500b\u4e2d\u3001{0}\u500b\u30d3\u30eb\u30c9\u306b\u5931\u6557\u3057\u307e\u3057\u305f\u3002 -- GitLab