GitHubWebHookCrumbExclusion should be more forgiving if the user leav…

…es off the trailing slash
jenkinsci · Nov 7, 2016 · 098e1cb · 098e1cb
1 parent c7927b4
commit 098e1cb
Show file tree

Hide file tree

Showing 2 changed files with 75 additions and 4 deletions.
diff --git a/src/main/java/com/cloudbees/jenkins/GitHubWebHookCrumbExclusion.java b/src/main/java/com/cloudbees/jenkins/GitHubWebHookCrumbExclusion.java
@@ -16,11 +16,15 @@ public class GitHubWebHookCrumbExclusion extends CrumbExclusion {
     public boolean process(HttpServletRequest req, HttpServletResponse resp, FilterChain chain)
             throws IOException, ServletException {
         String pathInfo = req.getPathInfo();
-        if (pathInfo != null && pathInfo.equals(getExclusionPath())) {
-            chain.doFilter(req, resp);
-            return true;
+        if (pathInfo == null || pathInfo.equals("")) {
+            return false;
         }
-        return false;
+        pathInfo = !pathInfo.endsWith("/") ? pathInfo + '/' : pathInfo;
+        if (!pathInfo.equals(getExclusionPath())) {
+            return false;
+        }
+        chain.doFilter(req, resp);
+        return true;
     }
 
     public String getExclusionPath() {

diff --git a/src/test/java/com/cloudbees/jenkins/GitHubWebHookCrumbExclusionTest.java b/src/test/java/com/cloudbees/jenkins/GitHubWebHookCrumbExclusionTest.java
@@ -0,0 +1,67 @@
+package com.cloudbees.jenkins;
+
+import org.junit.Before;
+import org.junit.Test;
+
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import static junit.framework.Assert.assertFalse;
+import static junit.framework.TestCase.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+public class GitHubWebHookCrumbExclusionTest {
+
+    private GitHubWebHookCrumbExclusion exclusion;
+    private HttpServletRequest req;
+    private HttpServletResponse resp;
+    private FilterChain chain;
+
+    @Before
+    public void before() {
+        exclusion = new GitHubWebHookCrumbExclusion();
+        req = mock(HttpServletRequest.class);
+        resp = mock(HttpServletResponse.class);
+        chain = mock(FilterChain.class);
+    }
+
+    @Test
+    public void testFullPath() throws Exception {
+        when(req.getPathInfo()).thenReturn("/github-webhook/");
+        assertTrue(exclusion.process(req, resp, chain));
+        verify(chain, times(1)).doFilter(req, resp);
+    }
+
+    @Test
+    public void testFullPathWithoutSlash() throws Exception {
+        when(req.getPathInfo()).thenReturn("/github-webhook");
+        assertTrue(exclusion.process(req, resp, chain));
+        verify(chain, times(1)).doFilter(req, resp);
+    }
+
+    @Test
+    public void testInvalidPath() throws Exception {
+        when(req.getPathInfo()).thenReturn("/some-other-url/");
+        assertFalse(exclusion.process(req, resp, chain));
+        verify(chain, never()).doFilter(req, resp);
+    }
+
+    @Test
+    public void testNullPath() throws Exception {
+        when(req.getPathInfo()).thenReturn(null);
+        assertFalse(exclusion.process(req, resp, chain));
+        verify(chain, never()).doFilter(req, resp);
+    }
+
+    @Test
+    public void testEmptyPath() throws Exception {
+        when(req.getPathInfo()).thenReturn("");
+        assertFalse(exclusion.process(req, resp, chain));
+        verify(chain, never()).doFilter(req, resp);
+    }
+}