vanitasvitae/Smack
1
0
Fork 0
mirror of https://github.com/vanitasvitae/Smack.git synced 2024-11-22 12:02:05 +01:00
Code Issues Releases Wiki Activity

[websocket] Reduce fragility

Browse source 
Replace string-based comparison with a XML parsing when checking for 'open' and 'close' elements.
This commit is contained in:
Guus der Kinderen 2023-11-13 16:03:41 +01:00
parent c7f3e231d0
commit 8c1fa1cc91
1 changed files with 18 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
smack-websocket/src/main/java/org/jivesoftware/smack/websocket/impl/AbstractWebSocket.java
View file

@ -16,6 +16,7 @@
*/ */
package org.jivesoftware.smack.websocket.impl; package org.jivesoftware.smack.websocket.impl;
import java.io.IOException;
import java.util.logging.Logger; import java.util.logging.Logger;
import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSession;
@ -25,8 +26,11 @@ import org.jivesoftware.smack.c2s.internal.ModularXmppClientToServerConnectionIn
import org.jivesoftware.smack.debugger.SmackDebugger; import org.jivesoftware.smack.debugger.SmackDebugger;
import org.jivesoftware.smack.packet.TopLevelStreamElement; import org.jivesoftware.smack.packet.TopLevelStreamElement;
import org.jivesoftware.smack.packet.XmlEnvironment; import org.jivesoftware.smack.packet.XmlEnvironment;
import org.jivesoftware.smack.util.PacketParserUtils;
import org.jivesoftware.smack.websocket.WebSocketException; import org.jivesoftware.smack.websocket.WebSocketException;
import org.jivesoftware.smack.websocket.rce.WebSocketRemoteConnectionEndpoint; import org.jivesoftware.smack.websocket.rce.WebSocketRemoteConnectionEndpoint;
import org.jivesoftware.smack.xml.XmlPullParser;
import org.jivesoftware.smack.xml.XmlPullParserException;
public abstract class AbstractWebSocket { public abstract class AbstractWebSocket {
@ -99,25 +103,27 @@ public abstract class AbstractWebSocket {
return streamElement; return streamElement;
} }
// TODO: Make this method less fragile, e.g. by parsing a little bit into the element to ensure that this is an
// <open/> element qualified by the correct namespace.
static boolean isOpenElement(String text) { static boolean isOpenElement(String text) {
if (text.startsWith("<open ")) { XmlPullParser parser;
return true; try {
} parser = PacketParserUtils.getParserFor(text);
parser.nextTag();
return "open".equals(parser.getName()) && "urn:ietf:params:xml:ns:xmpp-framing".equals(parser.getNamespace());
} catch (XmlPullParserException | IOException e) {
return false; return false;
} }
}
// TODO: Make this method less fragile, e.g. by parsing a little bit into the element to ensure that this is an
// <close/> element qualified by the correct namespace. The fragility comes due the fact that the element could,
// inter alia, be specified as
// <close:close xmlns:close="urn:ietf:params:xml:ns:xmpp-framing"/>
static boolean isCloseElement(String text) { static boolean isCloseElement(String text) {
if (text.startsWith("<close xmlns='urn:ietf:params:xml:ns:xmpp-framing'/>")) { XmlPullParser parser;
return true; try {
} parser = PacketParserUtils.getParserFor(text);
parser.nextTag();
return "close".equals(parser.getName()) && "urn:ietf:params:xml:ns:xmpp-framing".equals(parser.getNamespace());
} catch (XmlPullParserException | IOException e) {
return false; return false;
} }
}
protected void onWebSocketFailure(Throwable throwable) { protected void onWebSocketFailure(Throwable throwable) {
WebSocketException websocketException = new WebSocketException(throwable); WebSocketException websocketException = new WebSocketException(throwable);