diff options
author | Álvaro Brey Vilas <alvaro.brey@nextcloud.com> | 2022-04-07 11:23:08 +0300 |
---|---|---|
committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2022-04-07 13:25:30 +0300 |
commit | 4e4b59073c4ea8a0e521fd293a2f1d99a6816f48 (patch) | |
tree | 07ffcbcd76a72a29464b187dec1ad8c1a0bfd96c | |
parent | 3e3eab217f701bd73a7856476d03933c246d7128 (diff) |
Encode single quoptes in usernamesbackport/854/stable-2.10
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
4 files changed, 58 insertions, 14 deletions
diff --git a/library/src/androidTest/java/com/owncloud/android/lib/common/OwnCloudClientTest.kt b/library/src/androidTest/java/com/owncloud/android/lib/common/OwnCloudClientTest.kt index 4786ecc0..5daa7f10 100644 --- a/library/src/androidTest/java/com/owncloud/android/lib/common/OwnCloudClientTest.kt +++ b/library/src/androidTest/java/com/owncloud/android/lib/common/OwnCloudClientTest.kt @@ -66,13 +66,15 @@ class OwnCloudClientTest : AbstractIT() { val credentials = basic("user", "password") val nextcloudClient = NextcloudClient(url, "user", credentials, context) - val testList = ArrayList<Pair<String, String>>() - testList.add(Pair("test@test.de", "test@test.de")) - testList.add(Pair("Test User", "Test%20User")) - testList.add(Pair("test", "test")) - testList.add(Pair("test+test@test.localhost", "test+test@test.localhost")) - testList.add(Pair("test - ab4c", "test%20-%20ab4c")) - testList.add(Pair("test.-&51_+-?@test.localhost", "test.-%2651_+-%3F@test.localhost")) + val testList = listOf( + Pair("test@test.de", "test@test.de"), + Pair("Test User", "Test%20User"), + Pair("test", "test"), + Pair("test+test@test.localhost", "test+test@test.localhost"), + Pair("test - ab4c", "test%20-%20ab4c"), + Pair("test.-&51_+-?@test.localhost", "test.-%2651_+-%3F@test.localhost"), + Pair("test'ab4c", "test%27ab4c") + ) testList.forEach { pair -> client.userId = pair.first diff --git a/library/src/main/java/com/nextcloud/common/NextcloudClient.kt b/library/src/main/java/com/nextcloud/common/NextcloudClient.kt index 76a24938..fdd805ae 100644 --- a/library/src/main/java/com/nextcloud/common/NextcloudClient.kt +++ b/library/src/main/java/com/nextcloud/common/NextcloudClient.kt @@ -171,7 +171,7 @@ class NextcloudClient( } fun getUserIdEncoded(): String { - return Uri.encode(userId, OwnCloudClient.ALLOWED_USERID_CHARACTERS) + return UserIdEncoder.encode(userId) } fun getUserIdPlain(): String { diff --git a/library/src/main/java/com/nextcloud/common/UserIdEncoder.kt b/library/src/main/java/com/nextcloud/common/UserIdEncoder.kt new file mode 100644 index 00000000..336e7aa6 --- /dev/null +++ b/library/src/main/java/com/nextcloud/common/UserIdEncoder.kt @@ -0,0 +1,43 @@ +/* + * Nextcloud Android Library is available under MIT license + * + * @author Álvaro Brey Vilas + * Copyright (C) 2022 Álvaro Brey Vilas + * Copyright (C) 2022 Nextcloud GmbH + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ +package com.nextcloud.common + +import android.net.Uri + +object UserIdEncoder { + /** + * Characters to skip during userID encoding + */ + private const val ALLOWED_USERID_CHARACTERS = "@+" + + @JvmStatic + fun encode(userId: String): String { + return Uri.encode(userId, ALLOWED_USERID_CHARACTERS) + // single quote is not automatically encoded by Uri but is encoded in NC server + .replace("'", "%27") + } +} diff --git a/library/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java b/library/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java index b94e6abc..3d990a08 100644 --- a/library/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java +++ b/library/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java @@ -28,6 +28,7 @@ package com.owncloud.android.lib.common; import android.net.Uri; import com.nextcloud.common.DNSCache; +import com.nextcloud.common.UserIdEncoder; import com.owncloud.android.lib.common.accounts.AccountUtils; import com.owncloud.android.lib.common.network.RedirectionPath; import com.owncloud.android.lib.common.network.WebdavUtils; @@ -63,11 +64,6 @@ public class OwnCloudClient extends HttpClient { private static final String PARAM_SINGLE_COOKIE_HEADER = "http.protocol.single-cookie-header"; private static final boolean PARAM_SINGLE_COOKIE_HEADER_VALUE = true; private static final String PARAM_PROTOCOL_VERSION = "http.protocol.version"; - /** - * Characters to skip during userID encoding - */ - public static final String ALLOWED_USERID_CHARACTERS = "@+"; - private static byte[] sExhaustBuffer = new byte[1024]; @@ -440,7 +436,10 @@ public class OwnCloudClient extends HttpClient { * @return uri-encoded userId */ public String getUserId() { - return Uri.encode(userId, ALLOWED_USERID_CHARACTERS); + if (userId == null) { + return null; + } + return UserIdEncoder.encode(userId); } public String getUserIdPlain() { |