Skip to content

Commit

Permalink
[http] fix missing escaping of URLs (#9618)
Browse files Browse the repository at this point in the history 
Signed-off-by: Jan N. Klug <[email protected]>
  • Loading branch information
@J-N-K
J-N-K authored Dec 31, 2020
1 parent ede9435 commit 27afb1f
Show file tree
Hide file tree
Showing 3 changed files with 42 additions and 24 deletions.
17 changes: 9 additions & 8 deletions ...penhab.binding.http/src/main/java/org/openhab/binding/http/internal/HttpThingHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
*/
package org.openhab.binding.http.internal;

import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.*;
Expand Down Expand Up @@ -302,10 +303,10 @@ private void sendHttpValue(String commandUrl, String command) {
private void sendHttpValue(String commandUrl, String command, boolean isRetry) {
try {
// format URL
URI finalUrl = new URI(String.format(commandUrl, new Date(), command));
URI uri = Util.uriFromString(String.format(commandUrl, new Date(), command));

// build request
Request request = httpClient.newRequest(finalUrl).timeout(config.timeout, TimeUnit.MILLISECONDS)
Request request = httpClient.newRequest(uri).timeout(config.timeout, TimeUnit.MILLISECONDS)
.method(config.commandMethod);
if (config.commandMethod != HttpMethod.GET) {
final String contentType = config.contentType;
Expand All @@ -326,30 +327,30 @@ private void sendHttpValue(String commandUrl, String command, boolean isRetry) {
});

if (logger.isTraceEnabled()) {
logger.trace("Sending to '{}': {}", finalUrl, Util.requestToLogString(request));
logger.trace("Sending to '{}': {}", uri, Util.requestToLogString(request));
}

CompletableFuture<@Nullable Content> f = new CompletableFuture<>();
f.exceptionally(e -> {
if (e instanceof HttpAuthException) {
if (isRetry) {
logger.warn("Retry after authentication failure failed again for '{}', failing here", finalUrl);
logger.warn("Retry after authentication failure failed again for '{}', failing here", uri);
} else {
AuthenticationStore authStore = httpClient.getAuthenticationStore();
Authentication.Result authResult = authStore.findAuthenticationResult(finalUrl);
Authentication.Result authResult = authStore.findAuthenticationResult(uri);
if (authResult != null) {
authStore.removeAuthenticationResult(authResult);
logger.debug("Cleared authentication result for '{}', retrying immediately", finalUrl);
logger.debug("Cleared authentication result for '{}', retrying immediately", uri);
sendHttpValue(commandUrl, command, true);
} else {
logger.warn("Could not find authentication result for '{}', failing here", finalUrl);
logger.warn("Could not find authentication result for '{}', failing here", uri);
}
}
}
return null;
});
request.send(new HttpResponseListener(f, null, config.bufferSize));
} catch (IllegalArgumentException | URISyntaxException e) {
} catch (IllegalArgumentException | URISyntaxException | MalformedURLException e) {
logger.warn("Creating request for '{}' failed: {}", commandUrl, e.getMessage());
}
}
Expand Down
22 changes: 21 additions & 1 deletion bundles/org.openhab.binding.http/src/main/java/org/openhab/binding/http/internal/Util.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
*/
package org.openhab.binding.http.internal;

import java.net.*;
import java.nio.charset.StandardCharsets;
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
Expand All @@ -23,13 +24,18 @@

/**
* The {@link Util} is a utility class
* channels
*
* @author Jan N. Klug - Initial contribution
*/
@NonNullByDefault
public class Util {

/**
* create a log string from a {@link org.eclipse.jetty.client.api.Request}
*
* @param request the request to log
* @return the string representing the request
*/
public static String requestToLogString(Request request) {
ContentProvider contentProvider = request.getContent();
String contentString = contentProvider == null ? "null"
Expand All @@ -41,4 +47,18 @@ public static String requestToLogString(Request request) {

return logString;
}

/**
* create an URI from a string, escaping all necessary characters
*
* @param s the URI as unescaped string
* @return URI correspondign to the input string
* @throws MalformedURLException
* @throws URISyntaxException
*/
public static URI uriFromString(String s) throws MalformedURLException, URISyntaxException {
URL url = new URL(s);
return new URI(url.getProtocol(), url.getUserInfo(), IDN.toASCII(url.getHost()), url.getPort(), url.getPath(),
url.getQuery(), url.getRef());
}
}
27 changes: 12 additions & 15 deletions ...binding.http/src/main/java/org/openhab/binding/http/internal/http/RefreshingUrlCache.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,7 @@
*/
package org.openhab.binding.http.internal.http;

import java.net.URI;
import java.net.URISyntaxException;
import java.net.*;
import java.util.Date;
import java.util.List;
import java.util.Optional;
Expand Down Expand Up @@ -76,11 +75,10 @@ private void refresh(boolean isRetry) {

// format URL
try {
URI finalUrl = new URI(String.format(this.url, new Date()));
URI uri = Util.uriFromString(String.format(this.url, new Date()));
logger.trace("Requesting refresh (retry={}) from '{}' with timeout {}ms", isRetry, uri, timeout);

logger.trace("Requesting refresh (retry={}) from '{}' with timeout {}ms", isRetry, finalUrl, timeout);

httpClient.newRequest(finalUrl).thenAccept(request -> {
httpClient.newRequest(uri).thenAccept(request -> {
request.timeout(timeout, TimeUnit.MILLISECONDS);

headers.forEach(header -> {
Expand All @@ -96,37 +94,36 @@ private void refresh(boolean isRetry) {
response.exceptionally(e -> {
if (e instanceof HttpAuthException) {
if (isRetry) {
logger.warn("Retry after authentication failure failed again for '{}', failing here",
finalUrl);
logger.warn("Retry after authentication failure failed again for '{}', failing here", uri);
} else {
AuthenticationStore authStore = httpClient.getAuthenticationStore();
Authentication.Result authResult = authStore.findAuthenticationResult(finalUrl);
Authentication.Result authResult = authStore.findAuthenticationResult(uri);
if (authResult != null) {
authStore.removeAuthenticationResult(authResult);
logger.debug("Cleared authentication result for '{}', retrying immediately", finalUrl);
logger.debug("Cleared authentication result for '{}', retrying immediately", uri);
refresh(true);
} else {
logger.warn("Could not find authentication result for '{}', failing here", finalUrl);
logger.warn("Could not find authentication result for '{}', failing here", uri);
}
}
}
return null;
}).thenAccept(this::processResult);

if (logger.isTraceEnabled()) {
logger.trace("Sending to '{}': {}", finalUrl, Util.requestToLogString(request));
logger.trace("Sending to '{}': {}", uri, Util.requestToLogString(request));
}

request.send(new HttpResponseListener(response, fallbackEncoding, bufferSize));
}).exceptionally(e -> {
if (e instanceof CancellationException) {
logger.debug("Request to URL {} was cancelled by thing handler.", finalUrl);
logger.debug("Request to URL {} was cancelled by thing handler.", uri);
} else {
logger.warn("Request to URL {} failed: {}", finalUrl, e.getMessage());
logger.warn("Request to URL {} failed: {}", uri, e.getMessage());
}
return null;
});
} catch (IllegalArgumentException | URISyntaxException e) {
} catch (IllegalArgumentException | URISyntaxException | MalformedURLException e) {
logger.warn("Creating request for '{}' failed: {}", url, e.getMessage());
}
}
Expand Down

0 comments on commit 27afb1f

Please sign in to comment.