From b9a2ace93b7df07dae24152d05c7f1bb79314893 Mon Sep 17 00:00:00 2001
From: delchev <delchevn@gmail.com>
Date: Sat, 2 Mar 2019 14:01:12 +0200
Subject: [PATCH] utils/v4/url API + tests

---
 .../api/v3/test/AbstractApiSuiteTest.java     |  6 ++++
 .../src/main/resources/utils/v4/url/decode.js | 16 +++++++++
 .../src/main/resources/utils/v4/url/encode.js | 16 +++++++++
 .../src/main/resources/utils/v4/url/escape.js | 16 +++++++++
 .../main/resources/utils/v4/url/escapeForm.js | 16 +++++++++
 .../main/resources/utils/v4/url/escapePath.js | 16 +++++++++
 .../dirigible/api/v3/utils/UrlFacade.java     | 24 +++++++++++++
 .../src/main/resources/utils/v4/url.js        | 35 +++++++++++++++++++
 8 files changed, 145 insertions(+)
 create mode 100644 api/api-facade/api-tests/src/main/resources/utils/v4/url/decode.js
 create mode 100644 api/api-facade/api-tests/src/main/resources/utils/v4/url/encode.js
 create mode 100644 api/api-facade/api-tests/src/main/resources/utils/v4/url/escape.js
 create mode 100644 api/api-facade/api-tests/src/main/resources/utils/v4/url/escapeForm.js
 create mode 100644 api/api-facade/api-tests/src/main/resources/utils/v4/url/escapePath.js
 create mode 100644 api/api-javascript/api-utils/src/main/resources/utils/v4/url.js

diff --git a/api/api-facade/api-tests/src/main/java/org/eclipse/dirigible/api/v3/test/AbstractApiSuiteTest.java b/api/api-facade/api-tests/src/main/java/org/eclipse/dirigible/api/v3/test/AbstractApiSuiteTest.java
index f07fbe84462..31c6ff85486 100644
--- a/api/api-facade/api-tests/src/main/java/org/eclipse/dirigible/api/v3/test/AbstractApiSuiteTest.java
+++ b/api/api-facade/api-tests/src/main/java/org/eclipse/dirigible/api/v3/test/AbstractApiSuiteTest.java
@@ -154,6 +154,12 @@ public void registerModules() {
 		TEST_MODULES.add("utils/v4/escape/unescapeJson.js");
 		TEST_MODULES.add("utils/v4/escape/escapeXml.js");
 		TEST_MODULES.add("utils/v4/escape/unescapeXml.js");
+		
+		TEST_MODULES.add("utils/v4/url/encode.js");
+		TEST_MODULES.add("utils/v4/url/decode.js");
+		TEST_MODULES.add("utils/v4/url/escape.js");
+		TEST_MODULES.add("utils/v4/url/escapePath.js");
+		TEST_MODULES.add("utils/v4/url/escapeForm.js");
 	}
 
 	public void runSuite(IJavascriptEngineExecutor executor, IRepository repository)
diff --git a/api/api-facade/api-tests/src/main/resources/utils/v4/url/decode.js b/api/api-facade/api-tests/src/main/resources/utils/v4/url/decode.js
new file mode 100644
index 00000000000..36a63102223
--- /dev/null
+++ b/api/api-facade/api-tests/src/main/resources/utils/v4/url/decode.js
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2010-2019 SAP and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *   SAP - initial API and implementation
+ */
+var url = require('utils/v4/url');
+
+var input = '%3C%21%5BCDATA%5B%3Cmeta+http-equiv%3D%22refresh%22+content%3D%220%3Burl%3Djavascript%3Adocument.vulnerable%3Dtrue%3B%22%3E%5D%5D%3E';
+var result = url.decode(input, 'UTF-8');
+
+result == '<![CDATA[<meta http-equiv="refresh" content="0;url=javascript:document.vulnerable=true;">]]>'
diff --git a/api/api-facade/api-tests/src/main/resources/utils/v4/url/encode.js b/api/api-facade/api-tests/src/main/resources/utils/v4/url/encode.js
new file mode 100644
index 00000000000..27e6e3ad5c6
--- /dev/null
+++ b/api/api-facade/api-tests/src/main/resources/utils/v4/url/encode.js
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2010-2019 SAP and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *   SAP - initial API and implementation
+ */
+var url = require('utils/v4/url');
+
+var input = '<![CDATA[<meta http-equiv="refresh" content="0;url=javascript:document.vulnerable=true;">]]>';
+var result = url.encode(input, 'UTF-8');
+
+result == '%3C%21%5BCDATA%5B%3Cmeta+http-equiv%3D%22refresh%22+content%3D%220%3Burl%3Djavascript%3Adocument.vulnerable%3Dtrue%3B%22%3E%5D%5D%3E';
diff --git a/api/api-facade/api-tests/src/main/resources/utils/v4/url/escape.js b/api/api-facade/api-tests/src/main/resources/utils/v4/url/escape.js
new file mode 100644
index 00000000000..1a0f8c837f2
--- /dev/null
+++ b/api/api-facade/api-tests/src/main/resources/utils/v4/url/escape.js
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2010-2019 SAP and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *   SAP - initial API and implementation
+ */
+var url = require('utils/v4/url');
+
+var input = 'http://www.test.com?var1=abc123&var2=123 456&var3=стойност';
+var result = url.escape(input);
+console.log(result);
+result == 'http://www.test.com?var1=abc123&var2=123%20456&var3=%D1%81%D1%82%D0%BE%D0%B9%D0%BD%D0%BE%D1%81%D1%82';
diff --git a/api/api-facade/api-tests/src/main/resources/utils/v4/url/escapeForm.js b/api/api-facade/api-tests/src/main/resources/utils/v4/url/escapeForm.js
new file mode 100644
index 00000000000..1eadae819ec
--- /dev/null
+++ b/api/api-facade/api-tests/src/main/resources/utils/v4/url/escapeForm.js
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2010-2019 SAP and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *   SAP - initial API and implementation
+ */
+var url = require('utils/v4/url');
+
+var input = 'http://www.test.com?var1=abc123&var2=123 456&var3=стойност';
+var result = url.escapeForm(input);
+console.log(result);
+result == 'http%3A%2F%2Fwww.test.com%3Fvar1%3Dabc123%26var2%3D123+456%26var3%3D%D1%81%D1%82%D0%BE%D0%B9%D0%BD%D0%BE%D1%81%D1%82';
diff --git a/api/api-facade/api-tests/src/main/resources/utils/v4/url/escapePath.js b/api/api-facade/api-tests/src/main/resources/utils/v4/url/escapePath.js
new file mode 100644
index 00000000000..e6ee88a91af
--- /dev/null
+++ b/api/api-facade/api-tests/src/main/resources/utils/v4/url/escapePath.js
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2010-2019 SAP and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *   SAP - initial API and implementation
+ */
+var url = require('utils/v4/url');
+
+var input = 'http://www.test.com?var1=abc123&var2=123 456&var3=стойност';
+var result = url.escapePath(input);
+console.log(result);
+result == 'http:%2F%2Fwww.test.com%3Fvar1=abc123&var2=123%20456&var3=%D1%81%D1%82%D0%BE%D0%B9%D0%BD%D0%BE%D1%81%D1%82';
diff --git a/api/api-facade/api-utils/src/main/java/org/eclipse/dirigible/api/v3/utils/UrlFacade.java b/api/api-facade/api-utils/src/main/java/org/eclipse/dirigible/api/v3/utils/UrlFacade.java
index a86844f3db1..636e11b27df 100644
--- a/api/api-facade/api-utils/src/main/java/org/eclipse/dirigible/api/v3/utils/UrlFacade.java
+++ b/api/api-facade/api-utils/src/main/java/org/eclipse/dirigible/api/v3/utils/UrlFacade.java
@@ -105,5 +105,29 @@ public static final String escape(String input) {
 		return UrlEscapers.urlFragmentEscaper().escape(input);
 
 	}
+	
+	/**
+	 * Escape URL path
+	 *
+	 * @param input
+	 *            the input string
+	 * @return escaped input
+	 */
+	public static final String escapePath(String input) {
+		return UrlEscapers.urlPathSegmentEscaper().escape(input);
+
+	}
+	
+	/**
+	 * Escape URL fragments
+	 *
+	 * @param input
+	 *            the input string
+	 * @return escaped input
+	 */
+	public static final String escapeForm(String input) {
+		return UrlEscapers.urlFormParameterEscaper().escape(input);
+
+	}
 
 }
diff --git a/api/api-javascript/api-utils/src/main/resources/utils/v4/url.js b/api/api-javascript/api-utils/src/main/resources/utils/v4/url.js
new file mode 100644
index 00000000000..5e4aa6ff5ad
--- /dev/null
+++ b/api/api-javascript/api-utils/src/main/resources/utils/v4/url.js
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2010-2019 SAP and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *   SAP - initial API and implementation
+ */
+
+exports.encode = function(input, charset) {
+	var output = org.eclipse.dirigible.api.v3.utils.UrlFacade.encode(input, charset);
+	return output;
+};
+
+exports.decode = function(input, charset) {
+	var output = org.eclipse.dirigible.api.v3.utils.UrlFacade.decode(input, charset);
+	return output;
+};
+
+exports.escape = function(input) {
+	var output = org.eclipse.dirigible.api.v3.utils.UrlFacade.escape(input);
+	return output;
+};
+
+exports.escapePath = function(input) {
+	var output = org.eclipse.dirigible.api.v3.utils.UrlFacade.escapePath(input);
+	return output;
+};
+
+exports.escapeForm = function(input) {
+	var output = org.eclipse.dirigible.api.v3.utils.UrlFacade.escapeForm(input);
+	return output;
+};
\ No newline at end of file