Foreign characters may be letters and digits, but they're not allowed in Uri/Url schemes

b/11356390

Change-Id: Ic510607ab5f671e3f3f474ea3c2f4af7e9966cb1
This commit is contained in:
Tony Mantler 2013-10-31 16:39:03 -07:00
parent 6ceae42b30
commit 2ed113c713
2 changed files with 15 additions and 1 deletions

View File

@ -175,6 +175,18 @@ public class SSLUtils {
return wrapped;
}
// Character.isLetter() is locale-specific, and will potentially return true for characters
// outside of ascii a-z,A-Z
private static boolean isAsciiLetter(char c) {
return ('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z');
}
// Character.isDigit() is locale-specific, and will potentially return true for characters
// outside of ascii 0-9
private static boolean isAsciiNumber(char c) {
return ('0' <= c && c <= '9');
}
/**
* Escapes the contents a string to be used as a safe scheme name in the URI according to
* http://tools.ietf.org/html/rfc3986#section-3.1
@ -189,7 +201,7 @@ public class SSLUtils {
StringBuilder sb = new StringBuilder();
for (int i = 0; i < s.length(); i++) {
char c = s.charAt(i);
if (Character.isLetter(c) || Character.isDigit(c)
if (isAsciiLetter(c) || isAsciiNumber(c)
|| ('-' == c) || ('.' == c)) {
// Safe - use as is.
sb.append(c);

View File

@ -48,6 +48,8 @@ public class SSLUtilsTest extends AndroidTestCase {
assertSchemeNameValid(SSLUtils.escapeForSchemeName("name with spaces"));
assertSchemeNameValid(SSLUtils.escapeForSchemeName("odd * & characters"));
assertSchemeNameValid(SSLUtils.escapeForSchemeName("f3v!l;891023-47 +"));
assertSchemeNameValid(
SSLUtils.escapeForSchemeName("\u304d\u307f\u3092\u611b\u3057\u3066\u308b"));
}
private static final char[] RANDOM_DICT = new char[] {