Hi Ben,
a possible solution for TAP5-2713 (ChecksumPath:
java.lang.StringIndexOutOfBoundsException) ticket could be this:
In 'ChecksumPath' method only check 'slashx' variable and if it is -1 return
NON_EXISTING_RESOURCE, otherwise it executes the normal code.
The patch is in attached.
Regards,
Bob
Roberto Marotta
D.B.M. Srl
Via Enrico Noe, 23
20133 Milano
Tel. 02.26.60.05.21
----- Original Message -----
From: "Ben Weidig" <b...@netzgut.net>
To: "Tapestry users" <users@tapestry.apache.org>
Sent: Monday, 28 March, 2022 4:30:28 PM
Subject: Re: ChecksumPath exception on unexistent assets
Hi Bob,
thanks for informing us about the exception on non-existant resources,
I've created an issue: https://issues.apache.org/jira/browse/TAP5-2713 and
will take a look.
Cheers,
Ben
On Mon, Mar 28, 2022 at 4:15 PM Roberto <robe...@dbmsrl.com> wrote:
>
>
> Hi,
>
> It appears that the
> "org.apache.tapestry5.internal.services.assets.ChecksumPath" class throws
> exception
> like "String index out of range: -1" when trying to apply substring
> function on unexistent resource path.
> Maybe throwing an exception like "404 code error and resource not found"
> would be more convenient.
>
> kind regards
> bob
>
>
>
From 398421cb4692e3c9501e7cf58bf1632e120843d6 Mon Sep 17 00:00:00 2001
From: roberto <robe...@dbmsrl.com>
Date: Fri, 15 Apr 2022 11:56:37 +0200
Subject: [PATCH] TAP5-2713: ChecksumPath:
java.lang.StringIndexOutOfBoundsException
Detection slash might throw an StringIndexOutOfBounds Exception,
this mean that resource doesn't exist and it must respond with a
404 error status code
---
.../services/assets/ChecksumPath.java | 45 +++++++++++--------
1 file changed, 26 insertions(+), 19 deletions(-)
diff --git a/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/assets/ChecksumPath.java b/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/assets/ChecksumPath.java
index 95e907eae..d89933bc2 100644
--- a/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/assets/ChecksumPath.java
+++ b/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/assets/ChecksumPath.java
@@ -40,27 +40,34 @@ public class ChecksumPath
this.streamer = streamer;
int slashx = extraPath.indexOf('/');
- checksum = extraPath.substring(0, slashx);
-
- String morePath = extraPath.substring(slashx + 1);
-
- // Slashes at the end of the path should be dropped because
- // they don't make sense. TAP5-2663
- while (morePath.endsWith("/"))
+ // Prevent an StringIndexOutOfBoundsException in the case of resource not found. TAP5-2713
+ checksum = (slashx != -1) ? extraPath.substring(0, slashx) : "";
+ if (slashx != -1)
{
- morePath = morePath.substring(0, morePath.length() - 1);
- }
+ String morePath = extraPath.substring(slashx + 1);
- if (!isBlank(morePath))
- {
- resourcePath = baseFolder == null
- ? morePath
- : baseFolder + "/" + morePath;
+ // Slashes at the end of the path should be dropped because
+ // they don't make sense. TAP5-2663
+ while (morePath.endsWith("/"))
+ {
+ morePath = morePath.substring(0, morePath.length() - 1);
+ }
+
+ if (!isBlank(morePath))
+ {
+ resourcePath = baseFolder == null
+ ? morePath
+ : baseFolder + "/" + morePath;
+ }
+ else {
+ // When we only have something which looks like a checksum but no actual path.
+ // For example, /assets/META-INF/
+ resourcePath = NON_EXISTING_RESOURCE;
+ }
}
- else {
- // When we only have something which looks like a checksum but no actual path.
- // For example, /assets/META-INF/
- resourcePath = NON_EXISTING_RESOURCE;
+ else
+ {
+ resourcePath = NON_EXISTING_RESOURCE;
}
}
@@ -83,7 +90,7 @@ public class ChecksumPath
return streamer.streamResource(resource, checksum, ResourceStreamer.DEFAULT_OPTIONS);
}
-
+
/**
* Copied from StringUtils since it's the only method we want from it.
*/
--
2.24.4
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
