001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.apache.hadoop.hbase.http; 019 020import static org.junit.jupiter.api.Assertions.assertEquals; 021import static org.junit.jupiter.api.Assertions.assertThrows; 022 023import java.util.Arrays; 024import java.util.List; 025import org.apache.hadoop.hbase.testclassification.SmallTests; 026import org.junit.jupiter.api.Tag; 027import org.junit.jupiter.api.Test; 028 029@Tag(SmallTests.TAG) 030public class TestProfileOutputServlet { 031 032 @Test 033 public void testSanitization() { 034 List<String> good = 035 Arrays.asList("abcd", "key=value", "key1=value&key2=value2", "", "host=host-1.example.com"); 036 for (String input : good) { 037 assertEquals(input, ProfileOutputServlet.sanitize(input)); 038 } 039 List<String> bad = Arrays.asList("function(){console.log(\"oops\")}", "<strong>uhoh</strong>"); 040 for (String input : bad) { 041 assertThrows(RuntimeException.class, () -> ProfileOutputServlet.sanitize(input), 042 "Expected sanitization of \"" + input + "\" to fail"); 043 } 044 } 045 046}