diff --git a/base/src/main/java/com/tinyengine/it/service/app/impl/v1/AiChatV1ServiceImpl.java b/base/src/main/java/com/tinyengine/it/service/app/impl/v1/AiChatV1ServiceImpl.java index eb585b92..71ea4760 100644 --- a/base/src/main/java/com/tinyengine/it/service/app/impl/v1/AiChatV1ServiceImpl.java +++ b/base/src/main/java/com/tinyengine/it/service/app/impl/v1/AiChatV1ServiceImpl.java @@ -40,6 +40,7 @@ import java.util.Arrays; import java.util.HashMap; import java.util.List; +import java.util.Locale; import java.util.Map; import java.util.Set; @@ -265,7 +266,7 @@ void validateFinalUrl(String finalUrl) { throw new ServiceException("400", "Invalid baseUrl: missing host"); } - boolean isLoopback = LOOPBACK_HOSTS.contains(host.toLowerCase()); + boolean isLoopback = LOOPBACK_HOSTS.contains(host.toLowerCase(Locale.ROOT)); List allowedHosts = config.getAllowedHosts(); diff --git a/base/src/test/java/com/tinyengine/it/common/utils/SqlIdentifierValidatorTest.java b/base/src/test/java/com/tinyengine/it/common/utils/SqlIdentifierValidatorTest.java index f0021644..bd5ec105 100644 --- a/base/src/test/java/com/tinyengine/it/common/utils/SqlIdentifierValidatorTest.java +++ b/base/src/test/java/com/tinyengine/it/common/utils/SqlIdentifierValidatorTest.java @@ -5,7 +5,8 @@ import java.util.Arrays; import java.util.List; -import static org.junit.jupiter.api.Assertions.*; +import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; +import static org.junit.jupiter.api.Assertions.assertThrows; class SqlIdentifierValidatorTest { @@ -101,7 +102,7 @@ void rejectSqliPatternsInIdentifier() { "name AND 1=1", "id; SELECT SLEEP(5)", "COUNT(*)", - "GROUP_CONCAT(username)", + "GROUP_CONCAT(username)" }; for (String payload : sqliPayloads) { assertThrows(IllegalArgumentException.class, diff --git a/base/src/test/java/com/tinyengine/it/dynamic/service/DynamicServiceSqlInjectionTest.java b/base/src/test/java/com/tinyengine/it/dynamic/service/DynamicServiceSqlInjectionTest.java index 3ccab7fb..dd24625c 100644 --- a/base/src/test/java/com/tinyengine/it/dynamic/service/DynamicServiceSqlInjectionTest.java +++ b/base/src/test/java/com/tinyengine/it/dynamic/service/DynamicServiceSqlInjectionTest.java @@ -15,9 +15,15 @@ import org.mockito.Mock; import org.mockito.MockitoAnnotations; -import java.util.*; - -import static org.junit.jupiter.api.Assertions.*; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; +import static org.junit.jupiter.api.Assertions.assertThrows; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.when; diff --git a/base/src/test/java/com/tinyengine/it/service/app/impl/v1/AiChatV1ServiceImplTest.java b/base/src/test/java/com/tinyengine/it/service/app/impl/v1/AiChatV1ServiceImplTest.java index e6791da3..8d45a579 100644 --- a/base/src/test/java/com/tinyengine/it/service/app/impl/v1/AiChatV1ServiceImplTest.java +++ b/base/src/test/java/com/tinyengine/it/service/app/impl/v1/AiChatV1ServiceImplTest.java @@ -13,7 +13,9 @@ import java.util.List; import java.util.Map; -import static org.junit.jupiter.api.Assertions.*; +import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; class AiChatV1ServiceImplTest { private TestAiChatV1ServiceImpl service;