@Test public void sendRedirectWithNoXForwardedAndAbsolutePath() throws Exception { String redirectedUrl = sendRedirect("/foo/bar"); assertEquals("/foo/bar", redirectedUrl); }
@Test public void sendRedirectWithNoXForwardedAndDotDotPath() throws Exception { String redirectedUrl = sendRedirect("../foo/bar"); assertEquals("../foo/bar", redirectedUrl); }
@Test public void sendRedirectWhenRequestOnlyAndNoXForwardedThenUsesRelativeRedirects() throws Exception { this.filter.setRelativeRedirects(true); String location = sendRedirect("/a"); assertEquals("/a", location); }
@Test public void sendRedirectWithLocationHasScheme() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); String location = "http://other.info/foo/bar"; String redirectedUrl = sendRedirect(location); assertEquals(location, redirectedUrl); }
@Test public void sendRedirectWithLocationDotDotPath() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); String redirectedUrl = sendRedirect("parent/../foo/bar"); assertEquals("https://example.com/foo/bar", redirectedUrl); }
@Test public void sendRedirectWithLocationSlashSlash() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); String location = "//other.info/foo/bar"; String redirectedUrl = sendRedirect(location); assertEquals("https:" + location, redirectedUrl); }
@Test public void sendRedirectWithLocationSlashSlashParentDotDot() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); String location = "//other.info/parent/../foo/bar"; String redirectedUrl = sendRedirect(location); assertEquals("https:" + location, redirectedUrl); }
@Test public void sendRedirectWithAbsolutePath() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); String redirectedUrl = sendRedirect("/foo/bar"); assertEquals("https://example.com/foo/bar", redirectedUrl); }
@Test public void sendRedirectWithRelativePath() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); this.request.setRequestURI("/parent/"); String redirectedUrl = sendRedirect("foo/bar"); assertEquals("https://example.com/parent/foo/bar", redirectedUrl); }
@Test // SPR-16506 public void sendRedirectWithAbsolutePathQueryParamAndFragment() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); this.request.setQueryString("oldqp=1"); String redirectedUrl = sendRedirect("/foo/bar?newqp=2#fragment"); assertEquals("https://example.com/foo/bar?newqp=2#fragment", redirectedUrl); }
@Test public void sendRedirectWithRelativePathIgnoresFile() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); this.request.setRequestURI("/parent"); String redirectedUrl = sendRedirect("foo/bar"); assertEquals("https://example.com/foo/bar", redirectedUrl); }
@Test public void sendRedirectWithContextPath() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); this.request.setContextPath("/context"); String redirectedUrl = sendRedirect("/context/foo/bar"); assertEquals("https://example.com/context/foo/bar", redirectedUrl); }
@Test public void sendRedirectWithFileInPathAndRelativeRedirect() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); this.request.setRequestURI("/context/a"); String redirectedUrl = sendRedirect("foo/bar"); assertEquals("https://example.com/context/foo/bar", redirectedUrl); }
@Test public void sendRedirectWhenRequestOnlyAndXForwardedThenUsesRelativeRedirects() throws Exception { this.request.addHeader(X_FORWARDED_PROTO, "https"); this.request.addHeader(X_FORWARDED_HOST, "example.com"); this.request.addHeader(X_FORWARDED_PORT, "443"); this.filter.setRelativeRedirects(true); String location = sendRedirect("/a"); assertEquals("/a", location); }