From 7fc68e34923e3fe08b1b0dc81f7def4ab76d2b1e Mon Sep 17 00:00:00 2001 From: Teryk Bellahsene Date: Fri, 27 Jan 2017 16:50:25 +0100 Subject: [PATCH] SONAR-8388 HTTP POST request parameters are handled as UTF-8 by default --- .../it/settings/DeprecatedPropertiesWsTest.java | 2 +- .../server/platform/web/SecurityServletFilter.java | 1 - .../org/sonar/server/setting/ws/SetActionTest.java | 8 ++++++++ .../sonar/server/setting/ws/ValuesActionTest.java | 13 +++++++++++++ server/sonar-web/src/main/webapp/WEB-INF/web.xml | 12 ++++++++++++ 5 files changed, 34 insertions(+), 2 deletions(-) diff --git a/it/it-tests/src/test/java/it/settings/DeprecatedPropertiesWsTest.java b/it/it-tests/src/test/java/it/settings/DeprecatedPropertiesWsTest.java index c0f431a7e45..876cfccd071 100644 --- a/it/it-tests/src/test/java/it/settings/DeprecatedPropertiesWsTest.java +++ b/it/it-tests/src/test/java/it/settings/DeprecatedPropertiesWsTest.java @@ -353,7 +353,7 @@ public class DeprecatedPropertiesWsTest { .url(url)); } - public static Response call(Request.Builder requestBuilder) { + private static Response call(Request.Builder requestBuilder) { try { requestBuilder.header("Authorization", Credentials.basic("admin", "admin")); Response response = new OkHttpClient.Builder() diff --git a/server/sonar-server/src/main/java/org/sonar/server/platform/web/SecurityServletFilter.java b/server/sonar-server/src/main/java/org/sonar/server/platform/web/SecurityServletFilter.java index c533f7e1ec1..1ce76a84148 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/platform/web/SecurityServletFilter.java +++ b/server/sonar-server/src/main/java/org/sonar/server/platform/web/SecurityServletFilter.java @@ -33,7 +33,6 @@ import javax.servlet.http.HttpServletResponse; /** * This servlet filter sets response headers that enable browser protection against several classes if Web attacks. - * The list of headers is mirrored in environment.rb as a workaround to Rack swallowing the headers.. */ public class SecurityServletFilter implements Filter { diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/SetActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/SetActionTest.java index 23a37000e5c..8ab347473f9 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/SetActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/SetActionTest.java @@ -374,6 +374,14 @@ public class SetActionTest { assertGlobalSetting("my.key", "My Value"); } + @Test + public void persist_global_setting_with_non_ascii_characters() { + callForGlobalSetting("my.key", "fi±∞…"); + + assertGlobalSetting("my.key", "fi±∞…"); + assertThat(settingsChangeNotifier.wasCalled).isTrue(); + } + @Test public void fail_when_no_key() { expectedException.expect(IllegalArgumentException.class); diff --git a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java index 61c38d77004..abbe380e386 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java @@ -722,6 +722,19 @@ public class ValuesActionTest { "sonar.plugin.licenseHash.secured"); } + @Test + public void return_simple_value_with_non_ascii_characters() throws Exception { + setAuthenticatedUser(); + definitions.addComponent(PropertyDefinition + .builder("foo") + .build()); + propertyDb.insertProperties(newGlobalPropertyDto().setKey("foo").setValue("fi±∞…")); + + ValuesWsResponse result = executeRequestForGlobalProperties("foo"); + + assertThat(result.getSettings(0).getValue()).isEqualTo("fi±∞…"); + } + @Test public void fail_when_user_has_not_project_browse_permission() throws Exception { userSession.login("project-admin").addProjectUuidPermissions(CODEVIEWER, project.uuid()); diff --git a/server/sonar-web/src/main/webapp/WEB-INF/web.xml b/server/sonar-web/src/main/webapp/WEB-INF/web.xml index 5cc279b60ef..638787dc1f5 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/web.xml +++ b/server/sonar-web/src/main/webapp/WEB-INF/web.xml @@ -15,6 +15,14 @@ UserSessionFilter org.sonar.server.user.UserSessionFilter + + SetCharacterEncodingFilter + org.apache.catalina.filters.SetCharacterEncodingFilter + + encoding + UTF-8 + + SecurityFilter org.sonar.server.platform.web.SecurityServletFilter @@ -37,6 +45,10 @@ + + SetCharacterEncodingFilter + /* + RootFilter /* -- 2.39.5