Add forward slash encoding to DefaultEncoder's encodeForLDAP and encodeForDN (v3)

noloader · noloader · commit 0ff0ddb174c9 · 2022-06-29T13:46:31.000-04:00
According to [1] and [2], the forward slash ('/') character should be encoded for LDAP filters and distinguished names. [1] https://docs.microsoft.com/en-us/windows/win32/adsi/search-filter-syntax [2] https://social.technet.microsoft.com/wiki/contents/articles/5312.active-directory-characters-to-escape.aspx
diff --git a/src/test/java/org/owasp/esapi/reference/EncoderTest.java b/src/test/java/org/owasp/esapi/reference/EncoderTest.java
@@ -535,6 +535,7 @@ public void testEncodeForLDAP() {
         assertEquals("Zeros", "Hi \\00", instance.encodeForLDAP("Hi \u0000"));
         assertEquals("LDAP Christams Tree", "Hi \\28This\\29 = is \\2a a \\5c test # � � �", instance.encodeForLDAP("Hi (This) = is * a \\ test # � � �"));
         assertEquals("Hi \\28This\\29 =", instance.encodeForLDAP("Hi (This) ="));
+        assertEquals("Forward slash for \\2fMicrosoft\\2f \\2fAD\\2f", instance.encodeForLDAP("Forward slash for /Microsoft/ /AD/"));
     }
     
     /**
@@ -547,6 +548,7 @@ public void testEncodeForLDAPWithoutEncodingWildcards() {
         assertEquals("No special characters to escape", "Hi This is a test #��", instance.encodeForLDAP("Hi This is a test #��", false));
         assertEquals("Zeros", "Hi \\00", instance.encodeForLDAP("Hi \u0000", false));
         assertEquals("LDAP Christams Tree", "Hi \\28This\\29 = is * a \\5c test # � � �", instance.encodeForLDAP("Hi (This) = is * a \\ test # � � �", false));
+        assertEquals("Forward slash for \\2fMicrosoft\\2f \\2fAD\\2f", instance.encodeForLDAP("Forward slash for /Microsoft/ /AD/"));
     }
     
     /**
@@ -563,6 +565,7 @@ public void testEncodeForDN() {
         assertEquals("less than greater than", "Hello\\<\\>", instance.encodeForDN("Hello<>"));
         assertEquals("only 3 spaces", "\\  \\ ", instance.encodeForDN("   "));
         assertEquals("Christmas Tree DN", "\\ Hello\\\\ \\+ \\, \\\"World\\\" \\;\\ ", instance.encodeForDN(" Hello\\ + , \"World\" ; "));
+        assertEquals("Forward slash for \\2fMicrosoft\\2f \\2fAD\\2f", instance.encodeForDN("Forward slash for /Microsoft/ /AD/"));
     }
     
     /**

Original file line number	Diff line number	Diff line change
`@@ -535,6 +535,7 @@ public void testEncodeForLDAP() {`
`535`	`535`	`assertEquals("Zeros", "Hi \\00", instance.encodeForLDAP("Hi \u0000"));`
`536`	`536`	`assertEquals("LDAP Christams Tree", "Hi \\28This\\29 = is \\2a a \\5c test # � � �", instance.encodeForLDAP("Hi (This) = is * a \\ test # � � �"));`
`537`	`537`	`assertEquals("Hi \\28This\\29 =", instance.encodeForLDAP("Hi (This) ="));`
	`538`	`+ assertEquals("Forward slash for \\2fMicrosoft\\2f \\2fAD\\2f", instance.encodeForLDAP("Forward slash for /Microsoft/ /AD/"));`
`538`	`539`	`}`
`539`	`540`
`540`	`541`	`/**`
`@@ -547,6 +548,7 @@ public void testEncodeForLDAPWithoutEncodingWildcards() {`
`547`	`548`	`assertEquals("No special characters to escape", "Hi This is a test #��", instance.encodeForLDAP("Hi This is a test #��", false));`
`548`	`549`	`assertEquals("Zeros", "Hi \\00", instance.encodeForLDAP("Hi \u0000", false));`
`549`	`550`	`assertEquals("LDAP Christams Tree", "Hi \\28This\\29 = is * a \\5c test # � � �", instance.encodeForLDAP("Hi (This) = is * a \\ test # � � �", false));`
	`551`	`+ assertEquals("Forward slash for \\2fMicrosoft\\2f \\2fAD\\2f", instance.encodeForLDAP("Forward slash for /Microsoft/ /AD/"));`
`550`	`552`	`}`
`551`	`553`
`552`	`554`	`/**`
`@@ -563,6 +565,7 @@ public void testEncodeForDN() {`
`563`	`565`	`assertEquals("less than greater than", "Hello\\<\\>", instance.encodeForDN("Hello<>"));`
`564`	`566`	`assertEquals("only 3 spaces", "\\ \\ ", instance.encodeForDN(" "));`
`565`	`567`	`assertEquals("Christmas Tree DN", "\\ Hello\\\\ \\+ \\, \\\"World\\\" \\;\\ ", instance.encodeForDN(" Hello\\ + , \"World\" ; "));`
	`568`	`+ assertEquals("Forward slash for \\2fMicrosoft\\2f \\2fAD\\2f", instance.encodeForDN("Forward slash for /Microsoft/ /AD/"));`
`566`	`569`	`}`
`567`	`570`
`568`	`571`	`/**`