|
| 1 | +package org.owasp.esapi.codecs.percent; |
| 2 | +import static org.owasp.esapi.codecs.percent.PercentCodecStringTest.PERCENT_CODEC_IMMUNE; |
| 3 | + |
| 4 | +import org.junit.Assert; |
| 5 | +import org.junit.Test; |
| 6 | +import org.owasp.esapi.codecs.PercentCodec; |
| 7 | +/** |
| 8 | + * This test class holds the proof of known deficiencies, inconsistencies, or bugs with the PercentCodec implementation. |
| 9 | + * <br/> |
| 10 | + * The intent is that when that functionality is corrected, these tests should break. That should hopefully encourage |
| 11 | + * the author to move the test to an appropriate Test file and update the functionality to a working expectation. |
| 12 | + */ |
| 13 | +public class PercentCodecKnownIssuesTest { |
| 14 | + |
| 15 | + private PercentCodec codec = new PercentCodec(); |
| 16 | + |
| 17 | + /** |
| 18 | + * PercentCodec has not been fully implemented for codepoint support, which handles UTF16 characters (based on my current understanding). |
| 19 | + * As such, the encoding/decoding of UTF16 will not function as desired through the codec implementation. |
| 20 | + * <br/> |
| 21 | + * When the functionality is corrected this test will break. At that point UTF16 tests should be added to {@link PercentCodecStringTest} and {@link PercentCodecCharacterTest}. |
| 22 | + */ |
| 23 | + @Test |
| 24 | + public void failsUTF16Conversions() { |
| 25 | + //This should be 195 |
| 26 | + int incorrectDecodeExpect = 196; |
| 27 | + |
| 28 | + char[] encodeImmune = PERCENT_CODEC_IMMUNE; |
| 29 | + String decodedValue = ""+(char) 0x100; |
| 30 | + String input = "%C4%80"; |
| 31 | + |
| 32 | + String actualDecodeChar = codec.decode(input); |
| 33 | + int actualChar = (int)actualDecodeChar.charAt(0); |
| 34 | + |
| 35 | + Assert.assertEquals(incorrectDecodeExpect, actualChar); |
| 36 | + |
| 37 | + //This works as expected. |
| 38 | + Assert.assertEquals(input, codec.encode(encodeImmune, decodedValue)); |
| 39 | + } |
| 40 | + |
| 41 | +} |
0 commit comments