From: Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
Date: Fri, 27 Jan 2017 15:50:25 +0000 (+0100)
Subject: SONAR-8388 HTTP POST request parameters are handled as UTF-8 by default
X-Git-Tag: 6.3-RC1~342
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=7fc68e34923e3fe08b1b0dc81f7def4ab76d2b1e;p=sonarqube.git

SONAR-8388 HTTP POST request parameters are handled as UTF-8 by default
---

diff --git a/it/it-tests/src/test/java/it/settings/DeprecatedPropertiesWsTest.java b/it/it-tests/src/test/java/it/settings/DeprecatedPropertiesWsTest.java
index c0f431a7e45..876cfccd071 100644
--- a/it/it-tests/src/test/java/it/settings/DeprecatedPropertiesWsTest.java
+++ b/it/it-tests/src/test/java/it/settings/DeprecatedPropertiesWsTest.java
@@ -353,7 +353,7 @@ public class DeprecatedPropertiesWsTest {
       .url(url));
   }
 
-  public static Response call(Request.Builder requestBuilder) {
+  private static Response call(Request.Builder requestBuilder) {
     try {
       requestBuilder.header("Authorization", Credentials.basic("admin", "admin"));
       Response response = new OkHttpClient.Builder()
diff --git a/server/sonar-server/src/main/java/org/sonar/server/platform/web/SecurityServletFilter.java b/server/sonar-server/src/main/java/org/sonar/server/platform/web/SecurityServletFilter.java
index c533f7e1ec1..1ce76a84148 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/platform/web/SecurityServletFilter.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/platform/web/SecurityServletFilter.java
@@ -33,7 +33,6 @@ import javax.servlet.http.HttpServletResponse;
 
 /**
  * This servlet filter sets response headers that enable browser protection against several classes if Web attacks.
- * The list of headers is mirrored in environment.rb as a workaround to Rack swallowing the headers..
  */
 public class SecurityServletFilter implements Filter {
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/SetActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/SetActionTest.java
index 23a37000e5c..8ab347473f9 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/SetActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/SetActionTest.java
@@ -374,6 +374,14 @@ public class SetActionTest {
     assertGlobalSetting("my.key", "My Value");
   }
 
+  @Test
+  public void persist_global_setting_with_non_ascii_characters() {
+    callForGlobalSetting("my.key", "fi±∞…");
+
+    assertGlobalSetting("my.key", "fi±∞…");
+    assertThat(settingsChangeNotifier.wasCalled).isTrue();
+  }
+
   @Test
   public void fail_when_no_key() {
     expectedException.expect(IllegalArgumentException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
index 61c38d77004..abbe380e386 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java
@@ -722,6 +722,19 @@ public class ValuesActionTest {
       "sonar.plugin.licenseHash.secured");
   }
 
+  @Test
+  public void return_simple_value_with_non_ascii_characters() throws Exception {
+    setAuthenticatedUser();
+    definitions.addComponent(PropertyDefinition
+      .builder("foo")
+      .build());
+    propertyDb.insertProperties(newGlobalPropertyDto().setKey("foo").setValue("fi±∞…"));
+
+    ValuesWsResponse result = executeRequestForGlobalProperties("foo");
+
+    assertThat(result.getSettings(0).getValue()).isEqualTo("fi±∞…");
+  }
+
   @Test
   public void fail_when_user_has_not_project_browse_permission() throws Exception {
     userSession.login("project-admin").addProjectUuidPermissions(CODEVIEWER, project.uuid());
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/web.xml b/server/sonar-web/src/main/webapp/WEB-INF/web.xml
index 5cc279b60ef..638787dc1f5 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/web.xml
+++ b/server/sonar-web/src/main/webapp/WEB-INF/web.xml
@@ -15,6 +15,14 @@
     <filter-name>UserSessionFilter</filter-name>
     <filter-class>org.sonar.server.user.UserSessionFilter</filter-class>
   </filter>
+  <filter>
+    <filter-name>SetCharacterEncodingFilter</filter-name>
+    <filter-class>org.apache.catalina.filters.SetCharacterEncodingFilter</filter-class>
+    <init-param>
+      <param-name>encoding</param-name>
+      <param-value>UTF-8</param-value>
+    </init-param>
+  </filter>
   <filter>
     <filter-name>SecurityFilter</filter-name>
     <filter-class>org.sonar.server.platform.web.SecurityServletFilter</filter-class>
@@ -37,6 +45,10 @@
   </filter>
 
   <!-- order of execution is important -->
+  <filter-mapping>
+    <filter-name>SetCharacterEncodingFilter</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
   <filter-mapping>
     <filter-name>RootFilter</filter-name>
     <url-pattern>/*</url-pattern>