Sanitize request URL in ResourceUrlEncodingFilter
Prior to this change, ResourceUrlEncodingFilter and ResourceUrlProvider would try to resolve the resource path using the full request URL (i.e. request path and request parameters), whereas the request path is the only information to consider. This would lead to StringIndexOutOfBoundsExceptions when the path + request params information was given to the AntPathMatcher. This commit makes the appropriate change to both ResourceUrlEncodingFilter and ResourceUrlProvider, in order to only select the request path. Issue: SPR-13374
@@ -74,10 +74,12 @@ public class ResourceUrlEncodingFilter extends OncePerRequestFilter {
|
||||
initIndexLookupPath(resourceUrlProvider);
|
||||
if (url.length() >= this.indexLookupPath) {
|
||||
String prefix = url.substring(0, this.indexLookupPath);
|
||||
String lookupPath = url.substring(this.indexLookupPath);
|
||||
int suffixIndex = getQueryParamsIndex(url);
|
||||
String suffix = url.substring(suffixIndex);
|
||||
String lookupPath = url.substring(this.indexLookupPath, suffixIndex);
|
||||
lookupPath = resourceUrlProvider.getForLookupPath(lookupPath);
|
||||
if (lookupPath != null) {
|
||||
return super.encodeURL(prefix + lookupPath);
|
||||
return super.encodeURL(prefix + lookupPath + suffix);
|
||||
}
|
||||
}
|
||||
return super.encodeURL(url);
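Review bot: `url.substring(this.indexLookupPath, suffixIndex)` still throws StringIndexOutOfBoundsException when the `?` sits before `indexLookupPath`, a case the guard `url.length() >= this.indexLookupPath` does not rule out; encodeURL receives arbitrary view-supplied URLs, and a constructed sample such as `/app?next=/resources/x.css` puts the query start inside the prefix, which is exactly the exception class this commit set out to remove. Compute the query index before the guard and test it instead of the length: `int suffixIndex = getQueryParamsIndex(url);` followed by `if (suffixIndex >= this.indexLookupPath) {`, which implies the old length check because suffixIndex never exceeds url.length(). The enclosing encodeURL method starts outside the hunk.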
|
||||
@@ -95,6 +97,11 @@ public class ResourceUrlEncodingFilter extends OncePerRequestFilter {
|
||||
this.indexLookupPath = requestUri.lastIndexOf(lookupPath);
|
||||
}
|
||||
}
|
||||
|
||||
private int getQueryParamsIndex(String url) {
|
||||
int index = url.indexOf("?");
|
||||
return index > 0 ? index : url.length();
|
||||
}
|
||||
}
|
||||
|
||||
}
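Review bot: getQueryParamsIndex only recognises `?` as the end of the path, so a URL carrying a fragment, e.g. `/resources/main.css#top` (constructed), is handed to resourceUrlProvider.getForLookupPath with the fragment attached, and `index > 0` additionally treats a `?` at position 0 as "no query" and returns url.length(). If fragments are meant to be supported, cutting at the earlier of `?` and `#` and using `!= -1` is the natural contract; if not, a Javadoc line such as `/** Index of the first '?' in {@code url}, or its length when there is none; fragments are not handled. */` should say so. The same helper is added to ResourceUrlProvider in the hunk at line 149, so whichever behaviour is chosen should be applied to both.
```java
private int getQueryParamsIndex(String url) {
    int end = url.indexOf('?');
    int fragment = url.indexOf('#');
    // the path ends at whichever separator comes first
    if (fragment != -1 && (end == -1 || fragment < end)) {
        end = fragment;
    }
    return (end != -1) ? end : url.length();
}
```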
|
||||
|
||||
@@ -172,11 +172,13 @@ public class ResourceUrlProvider implements ApplicationListener<ContextRefreshed
|
||||
if (logger.isTraceEnabled()) {
|
||||
logger.trace("Getting resource URL for requestURL=" + requestUrl);
|
||||
}
|
||||
int index = getLookupPathIndex(request);
|
||||
String prefix = requestUrl.substring(0, index);
|
||||
String lookupPath = requestUrl.substring(index);
|
||||
int prefixIndex = getLookupPathIndex(request);
|
||||
int suffixIndex = getQueryParamsIndex(requestUrl);
|
||||
String prefix = requestUrl.substring(0, prefixIndex);
|
||||
String suffix = requestUrl.substring(suffixIndex);
|
||||
String lookupPath = requestUrl.substring(prefixIndex, suffixIndex);
|
||||
String resolvedLookupPath = getForLookupPath(lookupPath);
|
||||
return (resolvedLookupPath != null) ? prefix + resolvedLookupPath : null;
|
||||
return (resolvedLookupPath != null) ? prefix + resolvedLookupPath + suffix : null;
|
||||
}
|
||||
|
||||
private int getLookupPathIndex(HttpServletRequest request) {
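Review bot: `requestUrl.substring(0, prefixIndex)` and `requestUrl.substring(prefixIndex, suffixIndex)` have no guard for `prefixIndex == -1`, which getLookupPathIndex returns through `requestUri.indexOf(lookupPath)` (hunk at line 141) whenever the lookup path is not a literal substring of the request URI; this appears to predate the commit, but the rewrite is the place to add `if (prefixIndex < 0) { return null; }` ahead of the substring calls. The trace statement at the top of the hunk logs the full requestUrl including its query string, which the new code now deliberately separates as `suffix`; logging only the path part would avoid echoing query parameters into the log. The enclosing getForRequestUrl method starts outside the hunk.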
|
||||
@@ -185,6 +187,11 @@ public class ResourceUrlProvider implements ApplicationListener<ContextRefreshed
|
||||
return requestUri.indexOf(lookupPath);
|
||||
}
|
||||
|
||||
private int getQueryParamsIndex(String lookupPath) {
|
||||
int index = lookupPath.indexOf("?");
|
||||
return index > 0 ? index : lookupPath.length();
|
||||
}
|
||||
|
||||
/**
|
||||
* Compare the given path against configured resource handler mappings and
|
||||
* if a match is found use the {@code ResourceResolver} chain of the matched
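Review bot: getQueryParamsIndex names its parameter `lookupPath`, but its only caller (hunk at line 109) passes the full `requestUrl`, and the value returned is the index of the query string in that URL, not in a lookup path; rename it `private int getQueryParamsIndex(String requestUrl) {` so the signature matches the contract. The helper is a byte-for-byte twin of the one added to ResourceUrlEncodingFilter, including the `index > 0` test that ignores a `?` at position 0, so any change to one should be mirrored in the other.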
|
||||
|
||||