Apache/activemq
1
0
Fork 0
mirror of https://github.com/apache/activemq.git synced 2025-02-09 03:25:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix for: https://issues.apache.org/jira/browse/AMQ-2740

Browse Source 
Fix for NPE indicate possible CSRF attack instead.

git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1418061 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Timothy A. Bish 2012-12-06 20:37:04 +00:00
parent 4321ae065d
commit 67252fe60d
1 changed files with 18 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
activemq-web-console/src/main/java/org/apache/activemq/web/handler/BindingBeanNameUrlHandlerMapping.java
View File

@ -17,7 +17,6 @@
package org.apache.activemq.web.handler; package org.apache.activemq.web.handler;
import java.util.Arrays; import java.util.Arrays;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -25,15 +24,16 @@ import org.apache.activemq.web.DestinationFacade;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.web.bind.ServletRequestDataBinder; import org.springframework.web.bind.ServletRequestDataBinder;
import org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping;
import org.springframework.web.servlet.HandlerExecutionChain; import org.springframework.web.servlet.HandlerExecutionChain;
import org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping;
/** /**
* *
*/ */
public class BindingBeanNameUrlHandlerMapping extends BeanNameUrlHandlerMapping { public class BindingBeanNameUrlHandlerMapping extends BeanNameUrlHandlerMapping {
private static final transient Logger LOG = LoggerFactory.getLogger(BindingBeanNameUrlHandlerMapping.class); private static final transient Logger LOG = LoggerFactory.getLogger(BindingBeanNameUrlHandlerMapping.class);
@Override
protected Object getHandlerInternal(HttpServletRequest request) throws Exception { protected Object getHandlerInternal(HttpServletRequest request) throws Exception {
Object object = super.getHandlerInternal(request); Object object = super.getHandlerInternal(request);
@ -45,21 +45,21 @@ public class BindingBeanNameUrlHandlerMapping extends BeanNameUrlHandlerMapping
HandlerExecutionChain handlerExecutionChain = (HandlerExecutionChain) object; HandlerExecutionChain handlerExecutionChain = (HandlerExecutionChain) object;
object = handlerExecutionChain.getHandler(); object = handlerExecutionChain.getHandler();
} }
if (object != null) { if (object != null) {
// prevent CSRF attacks // prevent CSRF attacks
if (object instanceof DestinationFacade) { if (object instanceof DestinationFacade) {
// check supported methods // check supported methods
if (!Arrays.asList(((DestinationFacade)object).getSupportedHttpMethods()).contains(request.getMethod())) { if (!Arrays.asList(((DestinationFacade)object).getSupportedHttpMethods()).contains(request.getMethod())) {
throw new UnsupportedOperationException("Unsupported method " + request.getMethod() + " for path " + request.getRequestURI()); throw new UnsupportedOperationException("Unsupported method " + request.getMethod() + " for path " + request.getRequestURI());
} }
// check the 'secret' // check the 'secret'
if (!request.getSession().getAttribute("secret").equals(request.getParameter("secret"))) { if (request.getSession().getAttribute("secret") == null ||
throw new UnsupportedOperationException("Possible CSRF attack"); !request.getSession().getAttribute("secret").equals(request.getParameter("secret"))) {
} throw new UnsupportedOperationException("Possible CSRF attack");
} }
}
ServletRequestDataBinder binder = new ServletRequestDataBinder(object, "request"); ServletRequestDataBinder binder = new ServletRequestDataBinder(object, "request");
try { try {
binder.bind(request); binder.bind(request);
@ -73,7 +73,7 @@ public class BindingBeanNameUrlHandlerMapping extends BeanNameUrlHandlerMapping
throw e; throw e;
} }
} }
return object; return object;
} }
} }