summaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit.lfs.server/src/org
diff options
context:
space:
mode:
authorMatthias Sohn <matthias.sohn@sap.com>2017-01-28 15:06:15 +0100
committerMatthias Sohn <matthias.sohn@sap.com>2017-01-28 15:06:15 +0100
commita4feeb01945e039b39a246f96a1a91b0e4836f01 (patch)
tree087e1b48290ed529412e8ad48efa341952ee2f1b /org.eclipse.jgit.lfs.server/src/org
parent2eb1bebd605852b7ef240e700943dfba7c0a1b3f (diff)
downloadjgit-a4feeb01945e039b39a246f96a1a91b0e4836f01.tar.gz
jgit-a4feeb01945e039b39a246f96a1a91b0e4836f01.zip
Don't rely on default locale when using toUpperCase() and toLowerCase()
Otherwise these methods may produce unexpected results if used for strings that are intended to be interpreted locale independently. Examples are programming language identifiers, protocol keys, and HTML tags. For instance, "TITLE".toLowerCase() in a Turkish locale returns "t\u0131tle", where '\u0131' is the LATIN SMALL LETTER DOTLESS I character. See https://docs.oracle.com/javase/8/docs/api/java/lang/String.html#toLowerCase-- http://blog.thetaphi.de/2012/07/default-locales-default-charsets-and.html Bug: 511238 Change-Id: Id8d8f37d84d62239c918b81f8d883ed798d87656 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Diffstat (limited to 'org.eclipse.jgit.lfs.server/src/org')
-rw-r--r--org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/s3/SignerV4.java6
1 files changed, 4 insertions, 2 deletions
diff --git a/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/s3/SignerV4.java b/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/s3/SignerV4.java
index f95b605c85..4149484c8c 100644
--- a/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/s3/SignerV4.java
+++ b/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/s3/SignerV4.java
@@ -57,6 +57,7 @@ import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
+import java.util.Locale;
import java.util.Map;
import java.util.SimpleTimeZone;
import java.util.SortedMap;
@@ -247,7 +248,7 @@ class SignerV4 {
for (String header : sortedHeaders) {
if (buffer.length() > 0)
buffer.append(";"); //$NON-NLS-1$
- buffer.append(header.toLowerCase());
+ buffer.append(header.toLowerCase(Locale.ROOT));
}
return buffer.toString();
@@ -265,7 +266,8 @@ class SignerV4 {
StringBuilder buffer = new StringBuilder();
for (String key : sortedHeaders) {
- buffer.append(key.toLowerCase().replaceAll("\\s+", " ") + ":" //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ buffer.append(
+ key.toLowerCase(Locale.ROOT).replaceAll("\\s+", " ") + ":" //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ headers.get(key).replaceAll("\\s+", " ")); //$NON-NLS-1$//$NON-NLS-2$
buffer.append("\n"); //$NON-NLS-1$
}