Hi Gili,
I'm trying to test that the server does not break and logs an appropriate
error after receiving "strange" HTTP requests.
In this case, the request would be an HTTP GET with a header similar to
this:
GET /test{} HTTP/1.1
I'm reading the JAX-RS API again, and the error I was getting actually
makes sense because the path() method takes a string that may contain
template parameters. I'm not sure why it worked on previous versions.
However, the question remains. Would there be a way to do this kind of
thing with JAX-RS/Jersey?
Thanks again!
Gabriel
On Wed, Aug 20, 2014 at 4:27 PM, cowwoc <cowwoc_at_bbs.darktech.org> wrote:
> Hi Gabriel,
>
> Not that I know of. Explain to me again what you're trying to test? What
> kind of "unexpected input" would you send? Why do you need to access it
> still encoded? And what do you expect the server to do once it receives
> this unexpected input?
>
> Gili
>
>
> On 20/08/2014 3:07 PM, Gabriel Soto wrote:
>
> Thanks for the quick reply, Gili.
>
> Your answer provokes a new question. I'd prefer the request to have the
> URL unescaped, since I'm trying to test the server's behavior when faced
> with this kind of unexpected input.
>
> I can see that the Jersey client does escape URLs by default. Is it
> possible to change this behavior so the sent request contains the original
> URL?
>
> Thanks,
> Gabriel
>
> On Wed, Aug 20, 2014 at 3:17 PM, cowwoc <cowwoc_at_bbs.darktech.org> wrote:
>
>> I don't know the answer to your question but I would point out that
>> according to the Java: the argument is "the path, may contain URI template
>> parameters."
>>
>> Perhaps you can escape the braces using percent/URL encoding? Or perhaps
>> a double slash?
>>
>> I think the Javadoc should discuss how to escape braces, so I suggest a
>> issue to that effect.
>>
>> Gili
>>
>>
>> On 20/08/2014 2:08 PM, Gabriel Soto wrote:
>>
>>> I'm trying to perform some fuzz testing by sending requests to a server
>>> with malformed URIs.
>>>
>>> The following minimal code worked well on Jersey 2.3.1:
>>>
>>> ClientBuilder.newClient()
>>> .target(UriBuilder.fromUri("http://localhost"))
>>> .path("test{}")
>>> .request();
>>>
>>> We just updated to 2.11.0 and the same code produces the following error:
>>>
>>> java.lang.IllegalStateException: Illegal character "}" at position 5 is
>>> not allowed as a start of a name in a path template "test{}".
>>> at
>>> org.glassfish.jersey.client.JerseyWebTarget.getUri(JerseyWebTarget.java:136)
>>> at
>>> org.glassfish.jersey.client.JerseyWebTarget.request(JerseyWebTarget.java:216)
>>> at
>>> org.glassfish.jersey.client.JerseyWebTarget.request(JerseyWebTarget.java:59)
>>> (...)
>>> Caused by: java.lang.IllegalArgumentException: Illegal character "}" at
>>> position 5 is not allowed as a start of a name in a path template "test{}".
>>> at
>>> org.glassfish.jersey.uri.internal.UriTemplateParser.parseName(UriTemplateParser.java:328)
>>> at
>>> org.glassfish.jersey.uri.internal.UriTemplateParser.parse(UriTemplateParser.java:251)
>>> at
>>> org.glassfish.jersey.uri.internal.UriTemplateParser.<init>(UriTemplateParser.java:110)
>>> at
>>> org.glassfish.jersey.uri.UriTemplate.createUriComponent(UriTemplate.java:1001)
>>> at
>>> org.glassfish.jersey.uri.UriTemplate.createURIWithStringValues(UriTemplate.java:961)
>>> at
>>> org.glassfish.jersey.uri.UriTemplate.createURIWithStringValues(UriTemplate.java:906)
>>> at
>>> org.glassfish.jersey.uri.UriTemplate.createURI(UriTemplate.java:871)
>>> at
>>> org.glassfish.jersey.uri.internal.JerseyUriBuilder._build(JerseyUriBuilder.java:893)
>>> at
>>> org.glassfish.jersey.uri.internal.JerseyUriBuilder.build(JerseyUriBuilder.java:810)
>>> at
>>> org.glassfish.jersey.client.JerseyWebTarget.getUri(JerseyWebTarget.java:134)
>>> (...)
>>>
>>> I'm trying to understand if this is related to
>>> https://java.net/jira/browse/JERSEY-2525
>>> It certainly doesn't look fixed in this version.
>>>
>>> Any ideas?
>>>
>>> Thanks,
>>> Gabriel
>>>
>>
>>
>
>