Check if deviceRepresentation is set

Closes #33814

Signed-off-by: Jon Koops <jonkoops@gmail.com>
This commit is contained in:
Jon Koops 2024-10-11 13:25:25 +02:00 committed by Marek Posolda
parent a832381a37
commit 008faf44cf
2 changed files with 26 additions and 17 deletions

View file

@ -38,7 +38,7 @@ public class SecureContextResolver {
}
DeviceRepresentation deviceRepresentation = deviceRepresentationSupplier.get();
String browser = deviceRepresentation.getBrowser();
String browser = deviceRepresentation != null ? deviceRepresentation.getBrowser() : null;
// Safari has a bug where even a secure context is not able to set cookies with the 'Secure' directive.
// Hence, we need to assume the worst case scenario and downgrade to an insecure context.

View file

@ -10,7 +10,16 @@ import java.util.function.Supplier;
public class SecureContextResolverTest {
static final String BROWSER_SAFARI = "Safari/18.0.1";
static DeviceRepresentation DEVICE_UNKOWN;
static DeviceRepresentation DEVICE_SAFARI;
static {
DEVICE_UNKOWN = new DeviceRepresentation();
DEVICE_UNKOWN.setBrowser(DeviceRepresentation.UNKNOWN);
DEVICE_SAFARI = new DeviceRepresentation();
DEVICE_SAFARI.setBrowser("Safari/18.0.1");
}
@Test
public void testHttps() {
@ -53,28 +62,28 @@ public class SecureContextResolverTest {
@Test
public void testQuirksSafari() {
assertSecureContext("https://127.0.0.1", BROWSER_SAFARI, true);
assertSecureContext("https://something", BROWSER_SAFARI, true);
assertSecureContext("http://[::1]", BROWSER_SAFARI,false);
assertSecureContext("http://[0000:0000:0000:0000:0000:0000:0000:0001]", BROWSER_SAFARI, false);
assertSecureContext("http://localhost", BROWSER_SAFARI, false);
assertSecureContext("http://localhost.", BROWSER_SAFARI, false);
assertSecureContext("http://test.localhost", BROWSER_SAFARI, false);
assertSecureContext("http://test.localhost.", BROWSER_SAFARI, false);
assertSecureContext("https://127.0.0.1", DEVICE_SAFARI, true);
assertSecureContext("https://something", DEVICE_SAFARI, true);
assertSecureContext("http://[::1]", DEVICE_SAFARI,false);
assertSecureContext("http://[0000:0000:0000:0000:0000:0000:0000:0001]", DEVICE_SAFARI, false);
assertSecureContext("http://localhost", DEVICE_SAFARI, false);
assertSecureContext("http://localhost.", DEVICE_SAFARI, false);
assertSecureContext("http://test.localhost", DEVICE_SAFARI, false);
assertSecureContext("http://test.localhost.", DEVICE_SAFARI, false);
}
@Test
public void testNoDeviceRepresentation() {
assertSecureContext("http://localhost", null, true);
}
void assertSecureContext(String url, boolean expectedSecureContext) {
assertSecureContext(url, null, expectedSecureContext);
assertSecureContext(url, DEVICE_UNKOWN, expectedSecureContext);
}
void assertSecureContext(String url, String browser, boolean expectedSecureContext) {
DeviceRepresentation deviceRepresentation = new DeviceRepresentation();
void assertSecureContext(String url, DeviceRepresentation deviceRepresentation, boolean expectedSecureContext) {
Supplier<DeviceRepresentation> deviceRepresentationSupplier = () -> deviceRepresentation;
if (browser != null) {
deviceRepresentation.setBrowser(browser);
}
try {
Assert.assertEquals(expectedSecureContext, SecureContextResolver.isSecureContext(new URI(url), deviceRepresentationSupplier));
} catch (URISyntaxException e) {