return (StrUtils.StartsWith (path, "/(") && path.IndexOf ("/)") > 2);
}
-
+
internal static string RemoveSessionId (string base_path, string file_path)
{
// Caller did a GetSessionId first
internal static string Canonic (string path)
{
+ bool isRooted = IsRooted(path);
+ bool endsWithSlash = path.EndsWith("/");
string [] parts = path.Split (path_sep);
int end = parts.Length;
for (int i = 0; i < end; i++) {
string current = parts [i];
+
+ if (current == "")
+ continue;
+
if (current == "." )
continue;
if (current == "..") {
- if (dest == 0) {
- if (i == 1) // see bug 52599
- continue;
-
- throw new HttpException ("Invalid path.");
- }
-
dest --;
continue;
}
+ if (dest < 0)
+ if (!isRooted)
+ throw new HttpException ("Invalid path.");
+ else
+ dest = 0;
parts [dest++] = current;
}
+ if (dest < 0)
+ throw new HttpException ("Invalid path.");
if (dest == 0)
return "/";
#if NET_2_0
str = RemoveDoubleSlashes (str);
#endif
+ if (isRooted)
+ str = "/" + str;
+ if (endsWithSlash)
+ str = str + "/";
+
return str;
}
--- /dev/null
+//
+// System.Web.Util.UrlUtilsTest.cs - Unit tests for System.Web.Util.UrlUtils
+//
+// Author:
+// Noam Lampert <noaml@mainsoft.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+//
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+using System;
+using System.Text;
+using System.Web;
+using System.Web.Util;
+using System.Collections.Specialized;
+using NUnit.Framework;
+using System.Diagnostics;
+\r
+namespace MonoTests.System.Web.Util\r
+{\r
+ [TestFixture]
+ public class UrlUtilsTest\r
+ {\r
+ [Test]
+ public void CanonicTest()
+ {
+ Assert.AreEqual("/Sample.aspx",UrlUtils.Canonic("/WebApplication1//../Sample.aspx"));
+ }
+ [Test]
+ public void CanonicTest2()
+ {
+ Assert.AreEqual("Sample.aspx",UrlUtils.Canonic("Path1/../Sample.aspx"));
+ }
+ [Test]
+ public void CanonicTest3()
+ {
+ Assert.AreEqual("/Path1/Sample.aspx",UrlUtils.Canonic("/../Path1/Sample.aspx"));
+ }
+ [Test]
+ public void CanonicTest4()
+ {
+ Assert.AreEqual("/Sample.aspx",UrlUtils.Canonic("/../Path1/../../Sample.aspx"));
+ }
+ [Test]
+ [ExpectedException(typeof(HttpException))]
+ public void CanonicTest5()
+ {
+ UrlUtils.Canonic("../Path1/../../Sample.aspx");
+ }
+ }\r
+}\r