Skip to content

Commit

Permalink
bug fix: improve quality of URL encoder / sanitizer
Browse files Browse the repository at this point in the history 
with unit tests that illustrate the difficulty,
which is a direct result of poor library support in Java
  • Loading branch information
@warren-bank
warren-bank committed Dec 9, 2022
1 parent decb1be commit a2ecd17
Show file tree
Hide file tree
Showing 62 changed files with 5,701 additions and 44 deletions.
8 changes: 4 additions & 4 deletions ...c/main/java/com/github/warren_bank/exoplayer_airplay_receiver/exoplayer2/VideoSource.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

import com.github.warren_bank.exoplayer_airplay_receiver.utils.ExternalStorageUtils;
import com.github.warren_bank.exoplayer_airplay_receiver.utils.MediaTypeUtils;
import com.github.warren_bank.exoplayer_airplay_receiver.utils.StringUtils;
import com.github.warren_bank.exoplayer_airplay_receiver.utils.UriUtils;

import com.google.android.exoplayer2.C;
import com.google.android.exoplayer2.MediaItem;
Expand Down Expand Up @@ -82,11 +82,11 @@ private VideoSource(
) {
// enforce that URLs are encoded and RFC 2396-compliant
if (!TextUtils.isEmpty(uri))
uri = StringUtils.encodeURL(uri);
uri = UriUtils.encodeURI(uri);
if (!TextUtils.isEmpty(caption))
caption = StringUtils.encodeURL(caption);
caption = UriUtils.encodeURI(caption);
if (!TextUtils.isEmpty(referer))
referer = StringUtils.encodeURL(referer);
referer = UriUtils.encodeURI(referer);

if (uri == null)
uri = "";
Expand Down
8 changes: 4 additions & 4 deletions ...ank/exoplayer_airplay_receiver/service/playlist_extractors/HttpBasePlaylistExtractor.java
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package com.github.warren_bank.exoplayer_airplay_receiver.service.playlist_extractors;

import com.github.warren_bank.exoplayer_airplay_receiver.utils.StringUtils;
import com.github.warren_bank.exoplayer_airplay_receiver.utils.UrlUtils;

import java.io.BufferedReader;
import java.io.InputStreamReader;
Expand Down Expand Up @@ -29,11 +29,11 @@ protected String resolveM3uPlaylistItem(URL context, String relative) {

uri = resolveM3uPlaylistItem(
((context != null) ? context.toString() : ""),
StringUtils.decodeURL(relative)
UrlUtils.decodeURL(relative)
);

if (uri != null)
uri = StringUtils.encodeURL(uri);
uri = UrlUtils.encodeURL(uri);

return uri;
}
Expand Down Expand Up @@ -84,7 +84,7 @@ protected ArrayList<String> expandPlaylist(String strUrl, Charset cs) {
in = new BufferedReader(new InputStreamReader(url.openStream(), cs));

// remove ascii encoding
url = new URL(StringUtils.decodeURL(strUrl));
url = new URL(UrlUtils.decodeURL(strUrl));

preParse(url);
while ((line = in.readLine()) != null) {
Expand Down
34 changes: 0 additions & 34 deletions ...er/src/main/java/com/github/warren_bank/exoplayer_airplay_receiver/utils/StringUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,6 @@
import android.os.Bundle;
import android.text.TextUtils;

import java.net.URI;
import java.net.URL;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
Expand Down Expand Up @@ -141,37 +138,6 @@ public static String convertEscapedLinefeeds(String requestBody) {
return requestBody.replaceAll("\\\\n", "\n");
}

public static String decodeURL(String strUrl) {
try {
return URLDecoder.decode(strUrl, "UTF-8");
}
catch(Exception e) {
return strUrl;
}
}

public static String encodeURL(String strUrl) {
try {
URL url = new URL(StringUtils.decodeURL(strUrl));

return StringUtils.encodeURL(url);
}
catch(Exception e) {
return strUrl;
}
}

public static String encodeURL(URL url) {
try {
URI uri = new URI(url.getProtocol(), url.getUserInfo(), url.getHost(), url.getPort(), url.getPath(), url.getQuery(), url.getRef());

return uri.toASCIIString();
}
catch(Exception e) {
return url.toExternalForm();
}
}

public static String serializeURLs(ArrayList<String> list) {
return StringUtils.convertArrayListToString(list, Constant.Delimiter.PLAYLIST_URLS);
}
Expand Down
77 changes: 75 additions & 2 deletions ...eiver/src/main/java/com/github/warren_bank/exoplayer_airplay_receiver/utils/UriUtils.java
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,85 @@
package com.github.warren_bank.exoplayer_airplay_receiver.utils;

import android.net.Uri;

import java.net.URI;

public class UriUtils {

public static URI parseURI(String strUrl) {
public static String encodeURI(String strUri) {
try {
return new URI(StringUtils.encodeURL(strUrl));
if ((strUri == null) || strUri.isEmpty())
throw new Exception("uri is empty");

StringBuilder builder = new StringBuilder();
Uri uri = Uri.parse(strUri);
String sVal;
int iVal;

sVal = uri.getScheme();
if (sVal == null)
throw new Exception("protocol is required");
builder.append(sVal);
builder.append("://");

sVal = uri.getEncodedUserInfo();
if (sVal != null) {
sVal = Uri.encode(sVal, "%:");
builder.append(sVal);
builder.append("@");
}

sVal = uri.getHost();
if (sVal == null)
throw new Exception("hostname is required");
builder.append(sVal);

iVal = uri.getPort();
if (iVal > 0) {
builder.append(":");
builder.append(iVal);
}

sVal = uri.getEncodedPath();
if (sVal == null)
throw new Exception("path is required");
sVal = Uri.encode(sVal, "%/");
builder.append(sVal);

sVal = uri.getEncodedQuery();
if (sVal != null) {
sVal = Uri.encode(sVal, "%=&[]");
builder.append("?");
builder.append(sVal);
}

sVal = uri.getEncodedFragment();
if (sVal != null) {
sVal = Uri.encode(sVal, "%/");
builder.append("#");
builder.append(sVal);
}

strUri = builder.toString();

if (strUri.isEmpty())
throw new Exception("uri is empty");

return strUri;
}
catch(Exception e) {
return null;
}
}

public static URI parseURI(String strUri) {
try {
strUri = UriUtils.encodeURI(strUri);

if (strUri == null)
throw new Exception("uri is empty");

return new URI(strUri);
}
catch(Exception e) {
return null;
Expand Down
40 changes: 40 additions & 0 deletions ...eiver/src/main/java/com/github/warren_bank/exoplayer_airplay_receiver/utils/UrlUtils.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
package com.github.warren_bank.exoplayer_airplay_receiver.utils;

import java.net.URI;
import java.net.URL;
import java.net.URLDecoder;

public class UrlUtils {

public static String decodeURL(String strUrl) {
try {
return URLDecoder.decode(strUrl, "UTF-8");
}
catch(Exception e) {
return strUrl;
}
}

public static String encodeURL(String strUrl) {
try {
URL url = new URL(strUrl);

return UrlUtils.encodeURL(url);
}
catch(Exception e) {
return strUrl;
}
}

public static String encodeURL(URL url) {
try {
URI uri = new URI(url.getProtocol(), url.getUserInfo(), url.getHost(), url.getPort(), url.getPath(), url.getQuery(), url.getRef());

return uri.toASCIIString();
}
catch(Exception e) {
return url.toExternalForm();
}
}

}
0 tests/01.sh → ... - curl sender - examples in README/01.sh
100755 → 100644
View file
File renamed without changes.
0 tests/02. AirPlay sender.es5.html → ...tml - SPA senders/airplay_sender.es5.html
View file
File renamed without changes.
0 tests/02. AirPlay sender.html → ...2. html - SPA senders/airplay_sender.html
View file
File renamed without changes.
0 ... sender - to receiver on same device.html → ..._playlist_to_receiver_on_same_device.html
View file
File renamed without changes.
4 changes: 4 additions & 0 deletions tests/03. unit tests/.gitignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
!**/bin
!**/lib
!**/src
!**/out
5 changes: 5 additions & 0 deletions tests/03. unit tests/01. URL encoder/bin/0-env.bat
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
@echo off

set JDK_HOME=C:\Android\android-studio-2021.3.1.17\jre
set JRE_HOME=%JDK_HOME%\jre
set PATH=%JRE_HOME%\bin;%JDK_HOME%\bin;%PATH%
21 changes: 21 additions & 0 deletions tests/03. unit tests/01. URL encoder/bin/1-compile.bat
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
@echo off

call "%~dp0.\0-env.bat"

set output_dir=%~dp0..\out\%~n0

set options=
set options=%options% --source-path "%~dp0..\lib"
set options=%options% -d "%output_dir%"
set options=%options% -encoding "UTF-8"
set options=%options% -g:none

set sourcefile="%~dp0..\src\Main.java"

if exist "%output_dir%" rmdir /Q /S "%output_dir%"
mkdir "%output_dir%"

javac %options% %sourcefile%

echo.
pause
17 changes: 17 additions & 0 deletions tests/03. unit tests/01. URL encoder/bin/2-run.bat
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
@echo off

call "%~dp0.\0-env.bat"

set output_dir=%~dp0..\out\%~n0
set stdout_file="%output_dir%\stdout.txt"
set stderr_file="%output_dir%\stderr.txt"

set options=
set options=%options% --class-path "%output_dir%\..\1-compile"

set mainclass="Main"

if exist "%output_dir%" rmdir /Q /S "%output_dir%"
mkdir "%output_dir%"

java %options% %mainclass% 1>%stdout_file% 2>%stderr_file%
Loading

0 comments on commit a2ecd17

Please sign in to comment.