github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-23 09:31:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

updated and added test cases

Browse Source
This commit is contained in:
Jeremy Long
2017-03-11 11:09:31 -05:00
parent a61bba2f72
commit 46f227e92e
2 changed files with 90 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
dependency-check-core/src/main/java/org/owasp/dependencycheck/utils/UrlStringUtils.java
View File

@@ -47,8 +47,8 @@ public final class UrlStringUtils {
private static final Pattern IS_URL_TEST = Pattern.compile("^(ht|f)tps?://.*", Pattern.CASE_INSENSITIVE); private static final Pattern IS_URL_TEST = Pattern.compile("^(ht|f)tps?://.*", Pattern.CASE_INSENSITIVE);
/** /**
* Tests if the text provided contains a URL. This is somewhat limited search in that it only looks for * Tests if the text provided contains a URL. This is somewhat limited
* (ftp|http|https):// * search in that it only looks for (ftp|http|https)://
* *
* @param text the text to search * @param text the text to search
* @return true if the text contains a url, otherwise false * @return true if the text contains a url, otherwise false
@@ -67,14 +67,16 @@ public final class UrlStringUtils {
return IS_URL_TEST.matcher(text).matches(); return IS_URL_TEST.matcher(text).matches();
} }
/** /**
* A listing of domain parts that should not be used as evidence. Yes, this is an incomplete list. * A listing of domain parts that should not be used as evidence. Yes, this
* is an incomplete list.
*/ */
private static final Set<String> IGNORE_LIST = new HashSet<>( private static final Set<String> IGNORE_LIST = new HashSet<>(
Arrays.asList("www", "com", "org", "gov", "info", "name", "net", "pro", "tel", "mobi", "xxx")); Arrays.asList("www", "com", "org", "gov", "info", "name", "net", "pro", "tel", "mobi", "xxx"));
/** /**
* <p> * <p>
* Takes a URL, in String format, and adds the important parts of the URL to a list of strings.</p> * Takes a URL, in String format, and adds the important parts of the URL to
* a list of strings.</p>
* <p> * <p>
* Example, given the following input:</p> * Example, given the following input:</p>
* <code>"https://www.somedomain.com/path1/path2/file.php?id=439"</code> * <code>"https://www.somedomain.com/path1/path2/file.php?id=439"</code>
@@ -99,14 +101,21 @@ public final class UrlStringUtils {
} }
final String document = url.getPath(); final String document = url.getPath();
final String[] pathParts = document.split("[\\//]"); final String[] pathParts = document.split("[\\//]");
for (int i = 0; i < pathParts.length - 2; i++) { for (int i = 0; i < pathParts.length - 1; i++) {
if (!pathParts[i].isEmpty()) { if (!pathParts[i].isEmpty()) {
importantParts.add(pathParts[i]); importantParts.add(pathParts[i]);
} }
} }
if (pathParts.length > 0 && !pathParts[pathParts.length - 1].isEmpty()) { if (pathParts.length > 0 && !pathParts[pathParts.length - 1].isEmpty()) {
final String fileNameNoExt = pathParts[pathParts.length - 1].replaceAll("\\..*{0,5}$", ""); final String tmp = pathParts[pathParts.length - 1];
importantParts.add(fileNameNoExt); final int pos = tmp.lastIndexOf('.');
if (pos > 1) {
importantParts.add(tmp.substring(0, pos));
} else if (pos == 0 && tmp.length()>1) {
importantParts.add(tmp.substring(1));
} else {
importantParts.add(tmp);
}
} }
return importantParts; return importantParts;
} }

74
dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/UrlStringUtilsTest.java Normal file
View File

@@ -0,0 +1,74 @@
/*
* This file is part of dependency-check-core.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright (c) 2017 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.utils;
import java.util.Arrays;
import java.util.List;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author jeremy long
*/
public class UrlStringUtilsTest {
/**
* Test of containsUrl method, of class UrlStringUtils.
*/
@Test
public void testContainsUrl() {
String text = "Test of https://github.com";
assertTrue(UrlStringUtils.containsUrl(text));
text = "Test of github.com";
assertFalse(UrlStringUtils.containsUrl(text));
}
/**
* Test of isUrl method, of class UrlStringUtils.
*/
@Test
public void testIsUrl() {
String text = "https://github.com";
assertTrue(UrlStringUtils.isUrl(text));
text = "simple text";
assertFalse(UrlStringUtils.isUrl(text));
}
/**
* Test of extractImportantUrlData method, of class UrlStringUtils.
*/
@Test
public void testExtractImportantUrlData() throws Exception {
String text = "http://github.com/jeremylong/DependencyCheck/index.html";
List<String> expResult = Arrays.asList("github", "jeremylong", "DependencyCheck", "index");;
List<String> result = UrlStringUtils.extractImportantUrlData(text);
assertEquals(expResult, result);
text = "http://github.com/jeremylong/DependencyCheck/.gitignore";
expResult = Arrays.asList("github", "jeremylong", "DependencyCheck", "gitignore");;
result = UrlStringUtils.extractImportantUrlData(text);
assertEquals(expResult, result);
text = "http://github.com/jeremylong/DependencyCheck/something";
expResult = Arrays.asList("github", "jeremylong", "DependencyCheck", "something");;
result = UrlStringUtils.extractImportantUrlData(text);
assertEquals(expResult, result);
}
}