Skip to content

Commit

Permalink
SAK-41165 Ignore invalid left and right params in page diff URLs (sak…
Browse files Browse the repository at this point in the history 
…aiproject#6452)

Ignore these rather than throwing an exception, so we don't get a bug report.
The UI will never generate invalid params here, so this is to catch any
search engines or fuzzing scripts that request invalid URLs.
  • Loading branch information
@smarquard @bjones86
smarquard authored and bjones86 committed Jan 8, 2019
1 parent 4d25e14 commit 03a1f81
Showing 1 changed file with 19 additions and 12 deletions.
31 changes: 19 additions & 12 deletions rwiki/rwiki-tool/tool/src/java/uk/ac/cam/caret/sakai/rwiki/tool/bean/DiffBean.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,13 +104,13 @@ public DiffBean(RWikiObject rwikiObject,

private void setLeftVersionNumber(String versionString)
{
if (versionString != null && !"".equals(versionString))
{
leftVersionNumber = Integer.parseInt(versionString);
}

try
{
if (versionString != null && !"".equals(versionString))
{
leftVersionNumber = Integer.parseInt(versionString);
}

if (rwo.getRevision().intValue() == leftVersionNumber)
{
left = rwo;
Expand All @@ -123,32 +123,33 @@ private void setLeftVersionNumber(String versionString)
}
catch (IllegalArgumentException e)
{
throw new IllegalArgumentException(
"Invalid version number for left revision");
// Default to current revision
left = rwo;
}

}

private void setRightVersionNumber(String versionString)
{
if (versionString != null && !"".equals(versionString))
{
rightVersionNumber = Integer.parseInt(versionString);

try
{
rightVersionNumber = Integer.parseInt(versionString);

if (rwo.getRevision().intValue() == rightVersionNumber)
{
right = rwo;
}
else
{
right = rwikiObjectService.getRWikiHistoryObject(rwo,
rightVersionNumber);
}
}
catch (IllegalArgumentException e)
{
throw new IllegalArgumentException(
"Invalid version number for right revision");
// Default to current revision
right = rwo;
}
}
else
Expand Down Expand Up @@ -218,6 +219,12 @@ public GenericDiffBean getGenericDiffBean()
{
if (db == null)
{
if (left == null) {
left = rwo;
}
if (right == null) {
right = rwo;
}
db = new GenericDiffBean(left.getContent(), right.getContent());
}
return db;
Expand Down

0 comments on commit 03a1f81

Please sign in to comment.