urlvalidator.java

Wicket一个开发Java Web应用程序框架。它使得开发web应用程序变得容易而轻松。 Wicket利用一个POJO data beans组件使得它可以与任何持久层技术相结合。

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.wicket.validation.validator;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.wicket.validation.IValidatable;

/**
 * Validator for checking URLs. The default schemes allowed are <code>http://</code>,
 * <code>https://</code>, and <code>ftp://</code>.
 * <p>
 * The behavior of validation is modified by passing in one of these options:
 * <p>
 * <ul>
 * <li><code>ALLOW_2_SLASHES - [FALSE]</code>: Allows double '/' characters in the path
 * component.</li>
 * <li><code>NO_FRAGMENT- [FALSE]</code>: By default fragments are allowed. If this option is
 * included then fragments are flagged as illegal.</li>
 * <li><code>ALLOW_ALL_SCHEMES - [FALSE]</code>: By default only http, https, and ftp are
 * considered valid schemes. Enabling this option will let any scheme pass validation.</li>
 * </ul>
 * <p>
 * This was originally based <code>org.apache.commons.validator.UrlValidator</code>, but the
 * dependency on Jakarta-ORO was removed and it now uses java.util.regexp instead. Usage example:
 * <p>
 * 
 * <pre>
 * <code>
 * Component.add(new UrlValidator({&quot;http&quot;, &quot;https&quot;}));
 * </code>
 * </pre>
 * 
 * @author Vincent Demay
 * @since 1.2.6
 * @see <a href='http://www.ietf.org/rfc/rfc2396.txt' > Uniform Resource Identifiers (URI): Generic
 *      Syntax </a>
 */
public class UrlValidator extends AbstractValidator
{
	private static final long serialVersionUID = 1L;

	/**
	 * Allows all validly-formatted schemes to pass validation instead of supplying a set of valid
	 * schemes.
	 */
	public static final int ALLOW_ALL_SCHEMES = 1 << 0;

	/**
	 * Allow two slashes in the path component of the <code>URL</code>.
	 */
	public static final int ALLOW_2_SLASHES = 1 << 1;

	/**
	 * Enabling this option disallows any <code>URL</code> fragments.
	 */
	public static final int NO_FRAGMENTS = 1 << 2;

	private static final String ALPHA_CHARS = "a-zA-Z";

	private static final String ALPHA_NUMERIC_CHARS = ALPHA_CHARS + "\\d";

	private static final String SPECIAL_CHARS = ";/@&=,.?:+$";

	private static final String VALID_CHARS = "[^\\s" + SPECIAL_CHARS + "]";

	private static final String SCHEME_CHARS = ALPHA_CHARS;

	// Drop numeric, and "+-." for now
	private static final String AUTHORITY_CHARS = ALPHA_NUMERIC_CHARS + "\\-\\.";

	private static final String ATOM = VALID_CHARS + '+';

	/**
	 * This expression derived/taken from the BNF for URI (RFC2396).
	 */
	private static final String URL_PATTERN = "^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?";
	// 12 3 4 5 6 7 8 9

	/**
	 * Schema / Protocol (<code>http:</code>, <code>ftp:</code>, <code>file:</code>, etc).
	 */
	private static final int PARSE_URL_SCHEME = 2;

	/**
	 * Includes hostname / ip and port number.
	 */
	private static final int PARSE_URL_AUTHORITY = 4;

	private static final int PARSE_URL_PATH = 5;

	private static final int PARSE_URL_QUERY = 7;

	private static final int PARSE_URL_FRAGMENT = 9;

	/**
	 * Protocol (<code>http:</code>, <code>ftp:</code>, or <code>https:</code>).
	 */
	private static final String SCHEME_PATTERN = "^[" + SCHEME_CHARS + "].*$";

	private static final String AUTHORITY_PATTERN = "^([" + AUTHORITY_CHARS + "]*)(:\\d*)?(.*)?";
	// 1 2 3 4

	private static final int PARSE_AUTHORITY_HOST_IP = 1;

	private static final int PARSE_AUTHORITY_PORT = 2;

	/**
	 * Should always be empty.
	 */
	private static final int PARSE_AUTHORITY_EXTRA = 3;

	private static final String PATH_PATTERN = "^(/[-\\w:@&?=+,.!/~*'%$_;]*)?$";

	private static final String QUERY_PATTERN = "^(.*)$";

	private static final String LEGAL_ASCII_PATTERN = "^[\\x00-\\x7F]+$";

	private static final String IP_V4_DOMAIN_PATTERN = "^(\\d{1,3})[.](\\d{1,3})[.](\\d{1,3})[.](\\d{1,3})$";

	private static final String DOMAIN_PATTERN = "^" + ATOM + "(\\." + ATOM + ")*$";

	private static final String PORT_PATTERN = "^:(\\d{1,5})$";

	private static final String ATOM_PATTERN = "(" + ATOM + ")";

	private static final String ALPHA_PATTERN = "^[" + ALPHA_CHARS + "]";

	/**
	 * Holds the set of current validation options.
	 */
	private long options = 0;

	/**
	 * The set of schemes that are allowed to be in a URL.
	 */
	private Set allowedSchemes = new HashSet();

	/**
	 * If no schemes are provided, default to this set of protocols.
	 */
	protected String[] defaultSchemes = { "http", "https", "ftp" };

	/**
	 * Constructs a <code>UrlValidator</code> with default properties.
	 */
	public UrlValidator()
	{
		this(null);
	}

	/**
	 * Constructs a <code>UrlValidator</code> with the given <code>String</code> array of scheme
	 * options. The validation is modified by passing in options in the <code>schemes</code>
	 * argument.
	 * 
	 * @param schemes
	 *            Pass in one or more <code>URL</code> schemes to consider valid. Passing in a
	 *            <code>null</code> will default to "<code>http,https,ftp</code>" being used.
	 *            If a non-<code>null</code> scheme is specified, then all valid schemes must be
	 *            specified. Setting the <code>ALLOW_ALL_SCHEMES</code> option will ignore the
	 *            contents of <code>schemes</code>.
	 */
	public UrlValidator(String[] schemes)
	{
		this(schemes, 0);
	}

	/**
	 * Constructs a <code>UrlValidator</code> with the given validation options.
	 * 
	 * @param options
	 *            The options should be set using the public constants declared in this class. To
	 *            set multiple options you simply add them together. For example,
	 *            <code>ALLOW_2_SLASHES</code> + <code>NO_FRAGMENTS</code> enables both of those
	 *            options.
	 */
	public UrlValidator(int options)
	{
		this(null, options);
	}

	/**
	 * Constructs a <code>UrlValidator</code> with the given scheme and validation options (see
	 * class description).
	 * 
	 * @param schemes
	 *            Pass in one or more <code>URL</code> schemes to consider valid. Passing in a
	 *            <code>null</code> will default to "<code>http,https,ftp</code>" being used.
	 *            If a non-<code>null</code> scheme is specified, then all valid schemes must be
	 *            specified. Setting the <code>ALLOW_ALL_SCHEMES</code> option will ignore the
	 *            contents of <code>schemes</code>.
	 * @param options
	 *            The options should be set using the public constants declared in this class. To
	 *            set multiple options you simply add them together. For example,
	 *            <code>ALLOW_2_SLASHES</code> + <code>NO_FRAGMENTS</code> enables both of those
	 *            options.
	 * 
	 */
	public UrlValidator(String[] schemes, int options)
	{
		this.options = options;

		if (isOn(ALLOW_ALL_SCHEMES))
		{
			return;
		}

		if (schemes == null)
		{
			schemes = this.defaultSchemes;
		}

		this.allowedSchemes.addAll(Arrays.asList(schemes));
	}

	/**
	 * @see AbstractValidator#onValidate(IValidatable)
	 */
	protected void onValidate(IValidatable validatable)
	{
		String url = (String)validatable.getValue();
		if (url != null && !isValid(url))
		{
			error(validatable);
		}
	}

	/**
	 * Checks if a field has a valid <code>URL</code>. This method is public because it is
	 * directly used in tests.
	 * 
	 * @param value
	 *            The value validation is being performed on. A <code>null</code> value is
	 *            considered invalid.
	 * @return <code>true</code> if the <code>URL</code> is valid
	 */
	public final boolean isValid(String value)
	{
		if (value == null)
		{
			return false;
		}

		Matcher matchAsciiPat = Pattern.compile(LEGAL_ASCII_PATTERN).matcher(value);
		Matcher matchUrlPat = Pattern.compile(URL_PATTERN).matcher(value);


		if (!matchAsciiPat.matches())
		{
			return false;
		}

		// Check the whole url address structure
		if (!matchUrlPat.matches())
		{
			return false;
		}

		if (!isValidScheme(matchUrlPat.group(PARSE_URL_SCHEME)))
		{
			return false;
		}

		if (!isValidAuthority(matchUrlPat.group(PARSE_URL_AUTHORITY)))
		{
			return false;
		}

		if (!isValidPath(matchUrlPat.group(PARSE_URL_PATH)))
		{
			return false;
		}

		if (!isValidQuery(matchUrlPat.group(PARSE_URL_QUERY)))
		{
			return false;
		}

		if (!isValidFragment(matchUrlPat.group(PARSE_URL_FRAGMENT)))
		{
			return false;
		}

		return true;
	}

	/**
	 * Validates a scheme. If schemes[] was initialized to non-<code>null</code>, then only
	 * those schemes are allowed. Note that this is slightly different than for the constructor.
	 * 
	 * @param scheme
	 *            The scheme to validate. A <code>null</code> value is considered invalid.
	 * @return <code>true</code> if the <code>URL</code> is valid