5 changes: 2 additions & 3 deletions build.gradle
@@ -151,19 +151,18 @@ dependencies {

implementation 'org.eclipse.jetty.ee10:jetty-ee10-servlet:12.0.22'
implementation("org.apache.commons:commons-lang3:3.20.0")
implementation 'org.apache.commons:commons-text:1.11.0'
implementation 'org.apache.commons:commons-fileupload2-jakarta-servlet6:2.+'
implementation 'jakarta.servlet:jakarta.servlet-api:6.1.0'
implementation 'com.sun.mail:jakarta.mail:2.0.1'
implementation 'org.apache.commons:commons-lang3:3.18.0'
implementation 'org.apache.commons:commons-lang3:3.18.0'


implementation 'org.apache.logging.log4j:log4j-core:2.25.2'
implementation 'org.apache.logging.log4j:log4j-jcl:2.25.2'

testImplementation 'org.junit.jupiter:junit-jupiter-api:5.13.4'
testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.13.4'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher:1.13.4'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher:1.13.4'
testImplementation 'org.springframework:spring-test:6.2.+'
testImplementation 'org.springframework:spring-web:6.2.+'
testImplementation 'org.mockito:mockito-core:5.20.0'
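Review bot: `commons-lang3` is declared more than once in this dependency block with different versions, `3.20.0` in the parenthesised form and `3.18.0` in the quoted form. The side markers are lost on this page, so it is not certain that both survive on the new side. If they do, Gradle's default conflict resolution picks the higher version and the `3.18.0` line only misleads anyone auditing the dependency list. I would keep a single `implementation 'org.apache.commons:commons-lang3:3.20.0'` line.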
14 changes: 7 additions & 7 deletions src/main/java/org/cip4/jdfutility/GetFileServlet.java
@@ -2,7 +2,7 @@
* The CIP4 Software License, Version 1.0
*
*
* Copyright (c) 2001-2022 The International Cooperation for the Integration of Processes in Prepress, Press and Postpress (CIP4). All rights reserved.
* Copyright (c) 2001-2026 The International Cooperation for the Integration of Processes in Prepress, Press and Postpress (CIP4). All rights reserved.
*
* Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
*
@@ -44,10 +44,10 @@
import java.nio.file.InvalidPathException;
import java.nio.file.Path;

import org.apache.commons.text.StringEscapeUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.cip4.jdflib.util.StreamUtil;
import org.cip4.jdflib.util.StringUtil;
import org.cip4.jdflib.util.UrlUtil;

import jakarta.servlet.ServletConfig;
@@ -92,8 +92,8 @@ public void destroy()

/**
* Handles the HTTP <code>GET</code> method.
*
* @param request servlet request
*
* @param request servlet request
* @param response servlet response
*/
@Override
@@ -104,8 +104,8 @@ protected void doGet(final HttpServletRequest request, final HttpServletResponse

/**
* Handles the HTTP <code>POST</code> method.
*
* @param request servlet request
*
* @param request servlet request
* @param response servlet response
*/
@Override
@@ -140,7 +140,7 @@ void processRequest(final HttpServletRequest request, final HttpServletResponse
response.setContentType(UrlUtil.TEXT_HTML);
response.setStatus(404);
os.write("<HTML><H1>Error</H1><br/>Cannot find file: ".getBytes());
os.write(StringEscapeUtils.escapeHtml3(localName).getBytes());
os.write(StringUtil.replaceCharSet(localName, "<>", "_", 0).getBytes());
os.write("</HTML>".getBytes());
}
StreamUtil.close(os);
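Review bot: The 404 branch of `processRequest` filters `localName` with `StringUtil.replaceCharSet(localName, "<>", "_", 0)`, a two-character denylist that leaves `&` and both quote characters untouched, whereas the `StringEscapeUtils.escapeHtml3` line paired with it encodes them. The +/- markers are lost on this page; I read the `replaceCharSet` line as the new side because the 2026 copyright line and the rewritten expectation in `GetFileServletTest.processRequestInjection` point that way. The filter is only adequate while the value stays in element text, and the bytes are written through the platform-default `getBytes()` under a `text/html` type for which no charset is set in this hunk. I would widen the set and pin the encoding, `os.write(StringUtil.replaceCharSet(localName, "<>&\"'", "_", 0).getBytes(StandardCharsets.UTF_8));`, and add a test input containing `&` and a quote, since the existing injection test exercises only angle brackets. `processRequest` starts and ends outside the hunk, so whether `StandardCharsets` is already imported is not visible here.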
44 changes: 22 additions & 22 deletions src/test/java/org/cip4/jdfutility/GetFileServletTest.java
@@ -2,7 +2,7 @@
* The CIP4 Software License, Version 1.0
*
*
* Copyright (c) 2001-2022 The International Cooperation for the Integration of Processes in Prepress, Press and Postpress (CIP4). All rights reserved.
* Copyright (c) 2001-2026 The International Cooperation for the Integration of Processes in Prepress, Press and Postpress (CIP4). All rights reserved.
*
* Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
*
@@ -44,31 +44,31 @@
import java.nio.file.Path;
import java.nio.file.Paths;

import jakarta.servlet.ServletException;

import org.cip4.jdflib.core.JDFCoreConstants;
import org.junit.jupiter.api.Test;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockServletConfig;

import jakarta.servlet.ServletException;

public class GetFileServletTest
{

@Test
public void processRequest() throws ServletException, URISyntaxException, IOException
{
Path file = Paths.get(GetFileServlet.class.getResource("/data/resourceInfo.jmf").toURI());
final Path file = Paths.get(GetFileServlet.class.getResource("/data/resourceInfo.jmf").toURI());

MockServletConfig config = new MockServletConfig();
final MockServletConfig config = new MockServletConfig();
config.addInitParameter("rootDir", file.getParent().toString());

GetFileServlet servlet = new GetFileServlet();
final GetFileServlet servlet = new GetFileServlet();
servlet.init(config);

MockHttpServletRequest request = new MockHttpServletRequest();
final MockHttpServletRequest request = new MockHttpServletRequest();
request.setPathInfo(file.getFileName().toString());
MockHttpServletResponse response = new MockHttpServletResponse();
final MockHttpServletResponse response = new MockHttpServletResponse();

servlet.processRequest(request, response);

@@ -80,17 +80,17 @@ public void processRequest() throws ServletException, URISyntaxException, IOExce
@Test
public void processRequestFileNotExists() throws ServletException, URISyntaxException, IOException
{
Path root = Paths.get(GetFileServlet.class.getResource("/data").toURI());
final Path root = Paths.get(GetFileServlet.class.getResource("/data").toURI());

MockServletConfig config = new MockServletConfig();
final MockServletConfig config = new MockServletConfig();
config.addInitParameter("rootDir", root.toString());

GetFileServlet servlet = new GetFileServlet();
final GetFileServlet servlet = new GetFileServlet();
servlet.init(config);

MockHttpServletRequest request = new MockHttpServletRequest();
final MockHttpServletRequest request = new MockHttpServletRequest();
request.setPathInfo("file_that_does_not_exist.txt");
MockHttpServletResponse response = new MockHttpServletResponse();
final MockHttpServletResponse response = new MockHttpServletResponse();

servlet.processRequest(request, response);

@@ -102,15 +102,15 @@ public void processRequestFileNotExists() throws ServletException, URISyntaxExce
@Test
public void processRequestPathTraversal() throws ServletException, IOException
{
MockServletConfig config = new MockServletConfig();
final MockServletConfig config = new MockServletConfig();
config.addInitParameter("rootDir", "./");

GetFileServlet servlet = new GetFileServlet();
final GetFileServlet servlet = new GetFileServlet();
servlet.init(config);

MockHttpServletRequest request = new MockHttpServletRequest();
final MockHttpServletRequest request = new MockHttpServletRequest();
request.setPathInfo("../attack");
MockHttpServletResponse response = new MockHttpServletResponse();
final MockHttpServletResponse response = new MockHttpServletResponse();

servlet.processRequest(request, response);

@@ -122,20 +122,20 @@ public void processRequestPathTraversal() throws ServletException, IOException
@Test
public void processRequestInjection() throws ServletException, IOException
{
MockServletConfig config = new MockServletConfig();
final MockServletConfig config = new MockServletConfig();
config.addInitParameter("rootDir", "./");

GetFileServlet servlet = new GetFileServlet();
final GetFileServlet servlet = new GetFileServlet();
servlet.init(config);

MockHttpServletRequest request = new MockHttpServletRequest();
final MockHttpServletRequest request = new MockHttpServletRequest();
request.setPathInfo("<script>attack</script>");
MockHttpServletResponse response = new MockHttpServletResponse();
final MockHttpServletResponse response = new MockHttpServletResponse();

servlet.processRequest(request, response);

assertEquals(404, response.getStatus());
assertEquals("<HTML><H1>Error</H1><br/>Cannot find file: &lt;script&gt;attack&lt;/script&gt;</HTML>", response.getContentAsString());
assertEquals("<HTML><H1>Error</H1><br/>Cannot find file: _script_attack_/script_</HTML>", response.getContentAsString());
assertEquals("text/html", response.getContentType());
}
}