Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

This ensures no illegal cookies are send to okhttp #18203

Closed
wants to merge 9 commits into from
Closed

This ensures no illegal cookies are send to okhttp #18203

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
b9e6165
This ensures no illegal cookies are send to okhttp
Mar 5, 2018
06e886e
Merge branch 'master' of https://github.com/facebook/react-native
Mar 16, 2018
f523fc4
Add tests for ReactCookieJarContainer
Mar 16, 2018
295c577
Merge branch 'upstream/master'
Mar 16, 2018
ab9f91c
Fix confusing typo
Mar 16, 2018
182fdc4
Remove unused classes and annotations
Mar 16, 2018
b538d80
Merge branch 'upstream/master'
Mar 17, 2018
1642583
Merge branch 'upstream/master'
Apr 19, 2018
e62f136
Merge branch 'upstream/master'
May 22, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 13 additions & 1 deletion ReactAndroid/src/main/java/com/facebook/react/modules/network/ReactCookieJarContainer.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,14 @@
package com.facebook.react.modules.network;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

import javax.annotation.Nullable;

import okhttp3.Cookie;
import okhttp3.CookieJar;
import okhttp3.Headers;
import okhttp3.HttpUrl;

/**
Expand Down Expand Up @@ -37,7 +39,17 @@ public void saveFromResponse(HttpUrl url, List<Cookie> cookies) {
@Override
public List<Cookie> loadForRequest(HttpUrl url) {
if (cookieJar != null) {
return cookieJar.loadForRequest(url);
List<Cookie> cookies = cookieJar.loadForRequest(url);
ArrayList<Cookie> validatedCookies = new ArrayList<>();
for (Cookie cookie : cookies) {
try {
Headers.Builder cookieChecker = new Headers.Builder();
cookieChecker.add(cookie.name(), cookie.value());
validatedCookies.add(cookie);
} catch (IllegalArgumentException ignored) {
}
}
return validatedCookies;
}
return Collections.emptyList();
}
Expand Down
85 changes: 85 additions & 0 deletions ...Android/src/test/java/com/facebook/react/modules/network/ReactCookieJarContainerTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
/**
* Copyright (c) 2015-present, Facebook, Inc.
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*/

package com.facebook.react.modules.network;

import com.facebook.react.modules.network.ReactCookieJarContainer;
import okhttp3.Cookie;
import okhttp3.CookieJar;
import okhttp3.HttpUrl;
import java.util.List;
import java.util.ArrayList;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.powermock.core.classloader.annotations.PowerMockIgnore;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.robolectric.RobolectricTestRunner;

import static org.fest.assertions.api.Assertions.assertThat;
import static org.mockito.Mockito.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;

/**
* Tests for {@link NetworkingModule}.
*/
@PrepareForTest({
ReactCookieJarContainer.class
})
@RunWith(RobolectricTestRunner.class)
@PowerMockIgnore({"org.mockito.*", "org.robolectric.*", "android.*"})

public class ReactCookieJarContainerTest {

@Test
public void testMissingJar() throws Exception {
ReactCookieJarContainer jarContainer = mock(ReactCookieJarContainer.class);
assertThat(jarContainer.loadForRequest(any(HttpUrl.class)).size()).isEqualTo(0);
}

@Test
public void testEmptyCookies() throws Exception {
ReactCookieJarContainer jarContainer = mock(ReactCookieJarContainer.class);
List<Cookie> cookies = new ArrayList<>();
when(jarContainer.loadForRequest(any(HttpUrl.class))).thenReturn(cookies);
assertThat(jarContainer.loadForRequest(any(HttpUrl.class)).size()).isEqualTo(0);
}

@Test
public void testValidCookies() throws Exception {
ReactCookieJarContainer jarContainer = new ReactCookieJarContainer();
CookieJar cookieJar = mock(CookieJar.class);
jarContainer.setCookieJar(cookieJar);
List<Cookie> cookies = new ArrayList<>();
cookies.add(new Cookie.Builder()
.name("valid")
.value("valid value")
.domain("domain")
.build()
);
when(cookieJar.loadForRequest(any(HttpUrl.class))).thenReturn(cookies);
assertThat(jarContainer.loadForRequest(any(HttpUrl.class)).size()).isEqualTo(1);
}

@Test
public void testInvalidCookies() throws Exception {
ReactCookieJarContainer jarContainer = new ReactCookieJarContainer();
CookieJar cookieJar = mock(CookieJar.class);
jarContainer.setCookieJar(cookieJar);
List<Cookie> cookies = new ArrayList<>();
cookies.add(new Cookie.Builder()
.name("valid")
.value("înválíd välūė")
.domain("domain")
.build()
);
when(cookieJar.loadForRequest(any(HttpUrl.class))).thenReturn(cookies);
assertThat(jarContainer.loadForRequest(any(HttpUrl.class)).size()).isEqualTo(0);
}
}