Merge pull request #16 from ydubreuil/empty-classname-hardening

[JENKINS-27974]: Safe URL for empty className
jenkinsci · Apr 28, 2015 · 4e0eaee · 4e0eaee
2 parents ba51b56 + c2dfcab
commit 4e0eaee
Showing 1 changed file with 12 additions and 5 deletions.
diff --git a/src/main/java/hudson/tasks/test/TestObject.java b/src/main/java/hudson/tasks/test/TestObject.java
@@ -32,6 +32,7 @@
 import hudson.tasks.junit.TestResultAction;
 import jenkins.model.Jenkins;
 
+import org.apache.commons.lang.StringUtils;
 import org.kohsuke.stapler.*;
 import org.kohsuke.stapler.export.ExportedBean;
 
@@ -371,13 +372,19 @@ protected final String uniquifyName(Collection<? extends TestObject> siblings, S
 
     /**
      * Replaces URL-unsafe characters.
+     *
+     * If s is an empty string, returns "(empty)" otherwise the generated URL would contain
+     * two slashes one after the other and getDynamic() would fail
      */
     public static String safe(String s) {
-        // this still seems to be a bit faster than a single replace with regexp
-        return s.replace('/', '_').replace('\\', '_').replace(':', '_').replace('?', '_').replace('#', '_').replace('%', '_');
-
-        // Note: we probably should some helpers like Commons URIEscapeUtils here to escape all invalid URL chars, but then we
-        // still would have to escape /, ? and so on
+        if (StringUtils.isEmpty(s)) {
+            return "(empty)";
+        } else {
+            // this still seems to be a bit faster than a single replace with regexp
+            return s.replace('/', '_').replace('\\', '_').replace(':', '_').replace('?', '_').replace('#', '_').replace('%', '_');
+            // Note: we probably should some helpers like Commons URIEscapeUtils here to escape all invalid URL chars, but then we
+            // still would have to escape /, ? and so on
+        }
     }
 
     /**