[Fixes #108] Disallow the use of '*' in route parameter names
This commit is contained in:
jacalvar
parent
e8de0f9d6e
commit
3ff9d6e8a0
|
|
@ -299,7 +299,7 @@ namespace Microsoft.AspNet.Routing
|
|||
}
|
||||
|
||||
/// <summary>
|
||||
/// The route parameter name '{0}' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{{', '}}', '/'. The '?' character marks a parameter as optional, and can only occur at the end of the parameter.
|
||||
/// The route parameter name '{0}' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{{', '}}', '/'. The '?' character marks a parameter as optional, and can occur only at the end of the parameter. The '*' character marks a parameter as catch-all, and can occur only at the start of the parameter.
|
||||
/// </summary>
|
||||
internal static string TemplateRoute_InvalidParameterName
|
||||
{
|
||||
|
|
@ -307,7 +307,7 @@ namespace Microsoft.AspNet.Routing
|
|||
}
|
||||
|
||||
/// <summary>
|
||||
/// The route parameter name '{0}' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{{', '}}', '/'. The '?' character marks a parameter as optional, and can only occur at the end of the parameter.
|
||||
/// The route parameter name '{0}' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{{', '}}', '/'. The '?' character marks a parameter as optional, and can occur only at the end of the parameter. The '*' character marks a parameter as catch-all, and can occur only at the start of the parameter.
|
||||
/// </summary>
|
||||
internal static string FormatTemplateRoute_InvalidParameterName(object p0)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -172,7 +172,7 @@
|
|||
<value>The literal section '{0}' is invalid. Literal sections cannot contain the '?' character.</value>
|
||||
</data>
|
||||
<data name="TemplateRoute_InvalidParameterName" xml:space="preserve">
|
||||
<value>The route parameter name '{0}' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{{', '}}', '/'. The '?' character marks a parameter as optional, and can only occur at the end of the parameter.</value>
|
||||
<value>The route parameter name '{0}' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{{', '}}', '/'. The '?' character marks a parameter as optional, and can occur only at the end of the parameter. The '*' character marks a parameter as catch-all, and can occur only at the start of the parameter.</value>
|
||||
</data>
|
||||
<data name="TemplateRoute_InvalidRouteTemplate" xml:space="preserve">
|
||||
<value>The route template cannot start with a '/' or '~' character.</value>
|
||||
|
|
|
|||
|
|
@ -15,7 +15,8 @@ namespace Microsoft.AspNet.Routing.Template
|
|||
private const char CloseBrace = '}';
|
||||
private const char EqualsSign = '=';
|
||||
private const char QuestionMark = '?';
|
||||
|
||||
private const char Asterisk = '*';
|
||||
|
||||
public static RouteTemplate Parse(string routeTemplate, IInlineConstraintResolver constraintResolver)
|
||||
{
|
||||
if (routeTemplate == null)
|
||||
|
|
@ -358,7 +359,7 @@ namespace Microsoft.AspNet.Routing.Template
|
|||
for (var i = 0; i < parameterName.Length; i++)
|
||||
{
|
||||
var c = parameterName[i];
|
||||
if (c == Separator || c == OpenBrace || c == CloseBrace || c == QuestionMark)
|
||||
if (c == Separator || c == OpenBrace || c == CloseBrace || c == QuestionMark || c == Asterisk)
|
||||
{
|
||||
context.Error = String.Format(CultureInfo.CurrentCulture,
|
||||
Resources.TemplateRoute_InvalidParameterName, parameterName);
|
||||
|
|
|
|||
|
|
@ -284,8 +284,31 @@ namespace Microsoft.AspNet.Routing.Template.Tests
|
|||
{
|
||||
ExceptionAssert.Throws<ArgumentException>(
|
||||
() => TemplateParser.Parse("foo/{*}", _inlineConstraintResolver),
|
||||
"The route parameter name '' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{', '}', '/'. " +
|
||||
"The '?' character marks a parameter as optional, and can only occur at the end of the parameter." + Environment.NewLine +
|
||||
"The route parameter name '' is invalid. Route parameter names must be non-empty and cannot" +
|
||||
" contain these characters: '{', '}', '/'. The '?' character marks a parameter as optional," +
|
||||
" and can occur only at the end of the parameter. The '*' character marks a parameter as catch-all," +
|
||||
" and can occur only at the start of the parameter." + Environment.NewLine +
|
||||
"Parameter name: routeTemplate");
|
||||
}
|
||||
|
||||
[Theory]
|
||||
[InlineData("{**}", "*")]
|
||||
[InlineData("{a*}", "a*")]
|
||||
[InlineData("{*a*}", "a*")]
|
||||
[InlineData("{*a*:int}", "a*")]
|
||||
[InlineData("{*a*=5}", "a*")]
|
||||
[InlineData("{*a*b=5}", "a*b")]
|
||||
public void ParseRouteParameter_ThrowsIf_ParameterContainsAsterisk(string template, string parameterName)
|
||||
{
|
||||
// Arrange
|
||||
var expectedMessage = "The route parameter name '" + parameterName + "' is invalid. Route parameter " +
|
||||
"names must be non-empty and cannot contain these characters: '{', '}', '/'. The '?' character " +
|
||||
"marks a parameter as optional, and can occur only at the end of the parameter. The '*' character " +
|
||||
"marks a parameter as catch-all, and can occur only at the start of the parameter.";
|
||||
|
||||
// Act & Assert
|
||||
ExceptionAssert.Throws<ArgumentException>(
|
||||
() => TemplateParser.Parse(template, _inlineConstraintResolver), expectedMessage + Environment.NewLine +
|
||||
"Parameter name: routeTemplate");
|
||||
}
|
||||
|
||||
|
|
@ -339,8 +362,10 @@ namespace Microsoft.AspNet.Routing.Template.Tests
|
|||
{
|
||||
ExceptionAssert.Throws<ArgumentException>(
|
||||
() => TemplateParser.Parse("{a}/{a{aa}/{z}", _inlineConstraintResolver),
|
||||
"The route parameter name 'a{aa' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{', '}', '/'. " +
|
||||
"The '?' character marks a parameter as optional, and can only occur at the end of the parameter." + Environment.NewLine +
|
||||
"The route parameter name 'a{aa' is invalid. Route parameter names must be non-empty and cannot" +
|
||||
" contain these characters: '{', '}', '/'. The '?' character marks a parameter as optional, and" +
|
||||
" can occur only at the end of the parameter. The '*' character marks a parameter as catch-all," +
|
||||
" and can occur only at the start of the parameter." + Environment.NewLine +
|
||||
"Parameter name: routeTemplate");
|
||||
}
|
||||
|
||||
|
|
@ -349,8 +374,10 @@ namespace Microsoft.AspNet.Routing.Template.Tests
|
|||
{
|
||||
ExceptionAssert.Throws<ArgumentException>(
|
||||
() => TemplateParser.Parse("{a}/{}/{z}", _inlineConstraintResolver),
|
||||
"The route parameter name '' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{', '}', '/'. " +
|
||||
"The '?' character marks a parameter as optional, and can only occur at the end of the parameter." + Environment.NewLine +
|
||||
"The route parameter name '' is invalid. Route parameter names must be non-empty and cannot" +
|
||||
" contain these characters: '{', '}', '/'. The '?' character marks a parameter as optional, and" +
|
||||
" can occur only at the end of the parameter. The '*' character marks a parameter as catch-all," +
|
||||
" and can occur only at the start of the parameter." + Environment.NewLine +
|
||||
"Parameter name: routeTemplate");
|
||||
}
|
||||
|
||||
|
|
@ -359,8 +386,10 @@ namespace Microsoft.AspNet.Routing.Template.Tests
|
|||
{
|
||||
ExceptionAssert.Throws<ArgumentException>(
|
||||
() => TemplateParser.Parse("{Controller}.mvc/{?}", _inlineConstraintResolver),
|
||||
"The route parameter name '' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{', '}', '/'. " +
|
||||
"The '?' character marks a parameter as optional, and can only occur at the end of the parameter." + Environment.NewLine +
|
||||
"The route parameter name '' is invalid. Route parameter names must be non-empty and cannot" +
|
||||
" contain these characters: '{', '}', '/'. The '?' character marks a parameter as optional, and" +
|
||||
" can occur only at the end of the parameter. The '*' character marks a parameter as catch-all," +
|
||||
" and can occur only at the start of the parameter." + Environment.NewLine +
|
||||
"Parameter name: routeTemplate");
|
||||
}
|
||||
|
||||
|
|
@ -423,8 +452,10 @@ namespace Microsoft.AspNet.Routing.Template.Tests
|
|||
{
|
||||
ExceptionAssert.Throws<ArgumentException>(
|
||||
() => TemplateParser.Parse("{foor?b}", _inlineConstraintResolver),
|
||||
"The route parameter name 'foor?b' is invalid. Route parameter names must be non-empty and cannot contain these characters: '{', '}', '/'. " +
|
||||
"The '?' character marks a parameter as optional, and can only occur at the end of the parameter." + Environment.NewLine +
|
||||
"The route parameter name 'foor?b' is invalid. Route parameter names must be non-empty and cannot" +
|
||||
" contain these characters: '{', '}', '/'. The '?' character marks a parameter as optional, and" +
|
||||
" can occur only at the end of the parameter. The '*' character marks a parameter as catch-all," +
|
||||
" and can occur only at the start of the parameter." + Environment.NewLine +
|
||||
"Parameter name: routeTemplate");
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue