Skip to content

Commit 795fd98

Browse files
robbaveyrobbavey
committed
Better handle malformed URIs
Raise an error if a URI has inadvertently been supplied without a host Fixes #10414
1 parent 115738c commit 795fd98

File tree

2 files changed

+80
-1
lines changed

2 files changed

+80
-1
lines changed

logstash-core/lib/logstash/util/safe_uri.rb

+2-1
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ class LogStash::Util::SafeURI
1414
attr_reader :uri
1515

1616
public
17-
def initialize(arg)
17+
def initialize(arg, requires_host=true)
1818
@uri = case arg
1919
when String
2020
arg = "//#{arg}" if HOSTNAME_PORT_REGEX.match(arg)
@@ -26,6 +26,7 @@ def initialize(arg)
2626
else
2727
raise ArgumentError, "Expected a string, java.net.URI, or URI, got a #{arg.class} creating a URL"
2828
end
29+
raise ArgumentError, "URI is not valid - host is not specified" if requires_host && @uri.host.nil?
2930
end
3031

3132
def to_s

logstash-core/spec/logstash/util/safe_uri_spec.rb

+78
Original file line numberDiff line numberDiff line change
@@ -32,5 +32,83 @@ module LogStash module Util
3232
end
3333
end
3434
end
35+
36+
describe "#initialize" do
37+
context 'when host is required' do
38+
MALFORMED_URIS = ['http:/user:pass@localhost:9600', 'http:/localhost', 'http:/localhost:9600', 'h;localhost', 'http:://localhost']
39+
40+
context 'malformed uris via string' do
41+
MALFORMED_URIS.each do |arg|
42+
it "#{arg}: should raise an error" do
43+
expect{LogStash::Util::SafeURI.new(arg)}.to raise_error(ArgumentError)
44+
end
45+
end
46+
end
47+
48+
context 'malformed uris via java.net.URI' do
49+
MALFORMED_URIS.each do |arg|
50+
it "#{arg}: should raise an error" do
51+
java_uri = java.net.URI.new(arg)
52+
expect{LogStash::Util::SafeURI.new(java_uri)}.to raise_error(ArgumentError)
53+
end
54+
end
55+
end
56+
57+
context 'malformed uris via Ruby URI' do
58+
MALFORMED_URIS.each do |arg|
59+
it "#{arg}: should raise an error" do
60+
ruby_uri = URI.parse(arg)
61+
expect{LogStash::Util::SafeURI.new(ruby_uri)}.to raise_error(ArgumentError)
62+
end
63+
end
64+
end
65+
66+
context 'uris with a valid host' do
67+
['http://user:pass@notlocalhost:9600', 'http://notlocalhost', 'https://notlocalhost:9600', '//notlocalhost', 'notlocalhost', 'notlocalhost:9200'].each do |arg|
68+
it "#{arg}: should resolve host correctly" do
69+
expect(LogStash::Util::SafeURI.new(arg).host).to eq('notlocalhost')
70+
end
71+
end
72+
end
73+
end
74+
75+
context 'when host is not required' do
76+
MALFORMED_URIS = ['http:/user:pass@localhost:9600', 'http:/localhost', 'http:/localhost:9600', 'h;localhost', 'http:://localhost']
77+
78+
context 'malformed uris via string' do
79+
MALFORMED_URIS.each do |arg|
80+
it "#{arg}: should not raise an error" do
81+
expect{LogStash::Util::SafeURI.new(arg, false)}.not_to raise_error
82+
end
83+
end
84+
end
85+
86+
context 'malformed uris via java.net.URI' do
87+
MALFORMED_URIS.each do |arg|
88+
it "#{arg}: should not raise an error" do
89+
java_uri = java.net.URI.new(arg)
90+
expect{LogStash::Util::SafeURI.new(java_uri, false)}.not_to raise_error
91+
end
92+
end
93+
end
94+
95+
context 'malformed uris via Ruby URI' do
96+
MALFORMED_URIS.each do |arg|
97+
it "#{arg}: should not raise an error" do
98+
ruby_uri = URI.parse(arg)
99+
expect{LogStash::Util::SafeURI.new(ruby_uri, false)}.not_to raise_error
100+
end
101+
end
102+
end
103+
104+
context 'uris with a valid host' do
105+
['http://user:pass@notlocalhost:9600', 'http://notlocalhost', 'https://notlocalhost:9600', '//notlocalhost', 'notlocalhost', 'notlocalhost:9200'].each do |arg|
106+
it "#{arg}: should resolve host correctly" do
107+
expect(LogStash::Util::SafeURI.new(arg, false).host).to eq('notlocalhost')
108+
end
109+
end
110+
end
111+
end
112+
end
35113
end
36114
end end

0 commit comments

Comments
 (0)