add endpoint verification.

Author: liyanzhang505

src/main/java/com/aliyun/oss/OSSClient.java

@@ -245,6 +245,8 @@ public synchronized void setEndpoint(String endpoint) {
         URI uri = toURI(endpoint);
         this.endpoint = uri;
 
+        OSSUtils.ensureEndpointValid(uri.getHost());
+
         if (isIpOrLocalhost(uri)) {
             serviceClient.getClientConfiguration().setSLDEnabled(true);
         }

src/main/java/com/aliyun/oss/internal/OSSUtils.java

@@ -53,6 +53,24 @@ public class OSSUtils {
     public static final ResourceManager COMMON_RESOURCE_MANAGER = ResourceManager.getInstance(RESOURCE_NAME_COMMON);
 
     private static final String BUCKET_NAMING_REGEX = "^[a-z0-9][a-z0-9-]{1,61}[a-z0-9]$";
+    private static final String ENDPOINT_REGEX = "^[a-zA-Z0-9._-]+$";
+
+    /**
+     * Validate endpoint.
+     */
+    public static boolean validateEndpoint(String endpoint) {
+        if (endpoint == null) {
+            return false;
+        }
+        return endpoint.matches(ENDPOINT_REGEX);
+    }
+
+    public static void ensureEndpointValid(String endpoint) {
+        if (!validateEndpoint(endpoint)) {
+            throw new IllegalArgumentException(
+                    OSS_RESOURCE_MANAGER.getFormattedString("EndpointInvalid", endpoint));
+        }
+    }
 
     /**
      * Validate bucket name.
@@ -483,5 +501,4 @@ public static void checkChecksum(Long clientChecksum, Long serverChecksum, Strin
             throw new InconsistentException(clientChecksum, serverChecksum, requestId);
         }
     }
-
 }

src/main/resources/oss.properties

@@ -19,3 +19,4 @@ PartNumberMarkerOutOfRange=The part number mark should be in the range of [1-100
 PartNumberOutOfRange=The part number should be in the range of [1-10000].
 NoSuchKey=The specified key does not exist.
 FailedToParseResponse=Response cannot be recognized correctly : "{0}".
+EndpointInvalid=The endpoint "{0}" is invalid, please check it.

src/main/resources/oss_zh_CN.properties

@@ -19,3 +19,4 @@ PartNumberMarkerOutOfRange=Part number marker\u5FC5\u987B\u57281-10000\u4E4B\u95
 PartNumberOutOfRange=Part number\u5FC5\u987B\u57281-10000\u4E4B\u95F4\uFF08\u95ED\u533A\u95F4\uFF09\u3002
 NoSuchKey=Key\u4E0D\u5B58\u5728\u3002
 FailedToParseResponse=\u8FD4\u56DE\u7ED3\u679C\u65E0\u6CD5\u6B63\u786E\u89E3\u6790\u3002 : "{0}"
+EndpointInvalid=The endpoint "{0}" is invalid, please check it.

src/test/java/com/aliyun/oss/OSSClientArgCheckTest.java

@@ -26,6 +26,8 @@
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.io.UnsupportedEncodingException;
+import java.net.MalformedURLException;
+import java.net.URL;
 
 import org.junit.Assert;
 import org.junit.Test;
@@ -73,6 +75,47 @@ public void testValidBucketName() {
         Assert.assertFalse(OSSUtils.validateBucketName(bucketName + "\\dd"));
     }
 
+    @Test
+    public void testValidEndpoint() {
+        URL url1 = null;
+        URL url2 = null;
+        URL url3 = null;
+
+        try {
+            url1 = new URL("https://www.test.com\\www.aliyun.com?x=123");
+            url2 = new URL("http://www.test.com#www.aliyun.com?x=123");
+            url3 = new URL("http://www.aliyun.com?x=123");
+        } catch (MalformedURLException e) {
+            e.printStackTrace();
+        }
+
+        Assert.assertNotNull(url1);
+        Assert.assertNotNull(url2);
+        Assert.assertNotNull(url3);
+
+        Assert.assertFalse(OSSUtils.validateEndpoint(url1.getHost()));
+        Assert.assertFalse(OSSUtils.validateEndpoint(url2.getHost()));
+        Assert.assertTrue(OSSUtils.validateEndpoint(url3.getHost()));
+
+        Assert.assertTrue(OSSUtils.validateEndpoint("oss-cn-shenzhen.aliyuncs.com"));
+        Assert.assertTrue(OSSUtils.validateEndpoint("abc_123"));
+        Assert.assertTrue(OSSUtils.validateEndpoint("abc_123.adf-"));
+        Assert.assertTrue(OSSUtils.validateEndpoint("192.168.1.1"));
+        Assert.assertFalse(OSSUtils.validateEndpoint("www.test.com\\www.aliyun.com"));
+        Assert.assertFalse(OSSUtils.validateEndpoint("www.test.com#www.aliyun.com"));
+
+        try {
+            OSSUtils.ensureEndpointValid("www.test.com\\www.aliyun.com");
+            Assert.fail("should not here.");
+        }
+        catch (IllegalArgumentException e) {
+            Assert.assertTrue(true);
+        }
+        catch (Exception e) {
+            Assert.fail(e.getMessage());
+        }
+    }
+
     @Test
     public void testBucketArgChecking() throws Exception{
 

src/test/java/com/aliyun/oss/common/comm/OSSClientTest.java

@@ -28,6 +28,7 @@
 
 import com.aliyun.oss.*;
 import com.aliyun.oss.internal.OSSConstants;
+import junit.framework.Assert;
 import org.junit.Ignore;
 import org.junit.Test;
 import com.aliyun.oss.model.GeneratePresignedUrlRequest;
@@ -279,5 +280,67 @@ public void testDeprecationFunction() {
             client.isBucketExist("bucketName");
         } catch (Exception e){}
     }
+
+    @Test
+    public void testValidateEndpoint() {
+        final String endpoint = "oss-cn-shenzhen.aliyuncs.com";
+
+        // true
+        try {
+            OSS client = new OSSClientBuilder().build(endpoint, "id", "key");
+        } catch (Exception e) {
+            Assert.fail(e.getMessage());
+        }
+
+        // true
+        try {
+            OSS client = new OSSClientBuilder().build("http://" + endpoint, "id", "key");
+        } catch (Exception e) {
+            Assert.fail(e.getMessage());
+        }
+
+        // true
+        try {
+            OSS client = new OSSClientBuilder().build("https://" + endpoint, "id", "key");
+        } catch (Exception e) {
+            Assert.fail(e.getMessage());
+        }
+
+        // true
+        try {
+            OSS client = new OSSClientBuilder().build("11.11.11.11", "id", "key");
+        } catch (Exception e) {
+            Assert.fail(e.getMessage());
+        }
+
+        // true
+        try {
+            OSS client = new OSSClientBuilder().build("http://11.11.11.11", "id", "key");
+        } catch (Exception e) {
+            Assert.fail(e.getMessage());
+        }
+
+        // true
+        try {
+            OSS client = new OSSClientBuilder().build("https://11.11.11.11", "id", "key");
+        } catch (Exception e) {
+            Assert.fail(e.getMessage());
+        }
+
+        // false
+        try {
+            OSS client = new OSSClientBuilder().build("https://www.alibabacloud.com\\www.aliyun.com", "id", "key");
+            Assert.fail("should be failed here.");
+        } catch (IllegalArgumentException e) {
+        }
+
+        // false
+        try {
+            OSS client = new OSSClientBuilder().build("https://www.alibabacloud.com#www.aliyun.com", "id", "key");
+            Assert.fail("should be failed here.");
+        } catch (IllegalArgumentException e) {
+        }
+    }
+
 }
 

src/test/java/com/aliyun/oss/integrationtests/ClientBuilderTest.java

@@ -220,7 +220,20 @@ public void testClientBuilderSpecialEpochTicks() {
         } finally {
             client.shutdown();
         }
+    }
 
-
+    @Test
+    public void testClientBuilderWithInvalidEndpoint() {
+        OSSClient client = null;
+        try {
+            OSSClient ossClient = (OSSClient) new OSSClientBuilder().build(
+                    "http://oss-cn-hangzhou.aliyuncs.com\\oss-cn-shenzhen.aliyuncs.com?test=123",
+                    new DefaultCredentialProvider(TestConfig.OSS_TEST_ACCESS_KEY_ID,
+                            TestConfig.OSS_TEST_ACCESS_KEY_SECRET),
+                    new ClientBuilderConfiguration());
+            Assert.fail("should not here.");
+        } catch (Exception e) {
+            Assert.assertTrue(true);
+        }
     }
 }