YARN-2512. Allowed pattern matching for origins in CrossOriginFilter. Contributed by Jonathan Eagles.
(cherry picked from commit a092cdf32d)
This commit is contained in:
Zhijie Shen
parent
b87d1d7d0a
commit
f2a5a5d4aa
|
|
@ -161,6 +161,9 @@ Release 2.6.0 - UNRELEASED
|
||||||
YARN-2508. Cross Origin configuration parameters prefix are not honored
|
YARN-2508. Cross Origin configuration parameters prefix are not honored
|
||||||
(Mit Desai via jeagles)
|
(Mit Desai via jeagles)
|
||||||
|
|
||||||
|
YARN-2512. Allowed pattern matching for origins in CrossOriginFilter.
|
||||||
|
(Jonathan Eagles via zjshen)
|
||||||
|
|
||||||
OPTIMIZATIONS
|
OPTIMIZATIONS
|
||||||
|
|
||||||
BUG FIXES
|
BUG FIXES
|
||||||
|
|
|
||||||
|
|
@ -24,6 +24,8 @@ import java.net.URLEncoder;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.regex.Matcher;
|
||||||
|
import java.util.regex.Pattern;
|
||||||
|
|
||||||
import javax.servlet.Filter;
|
import javax.servlet.Filter;
|
||||||
import javax.servlet.FilterChain;
|
import javax.servlet.FilterChain;
|
||||||
|
|
@ -204,7 +206,23 @@ public class CrossOriginFilter implements Filter {
|
||||||
|
|
||||||
@VisibleForTesting
|
@VisibleForTesting
|
||||||
boolean isOriginAllowed(String origin) {
|
boolean isOriginAllowed(String origin) {
|
||||||
return allowAllOrigins || allowedOrigins.contains(origin);
|
if (allowAllOrigins) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (String allowedOrigin : allowedOrigins) {
|
||||||
|
if (allowedOrigin.contains("*")) {
|
||||||
|
String regex = allowedOrigin.replace(".", "\\.").replace("*", ".*");
|
||||||
|
Pattern p = Pattern.compile(regex);
|
||||||
|
Matcher m = p.matcher(origin);
|
||||||
|
if (m.matches()) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
} else if (allowedOrigin.equals(origin)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean areHeadersAllowed(String accessControlRequestHeaders) {
|
private boolean areHeadersAllowed(String accessControlRequestHeaders) {
|
||||||
|
|
|
||||||
|
|
@ -77,7 +77,26 @@ public class TestCrossOriginFilter {
|
||||||
// Object under test
|
// Object under test
|
||||||
CrossOriginFilter filter = new CrossOriginFilter();
|
CrossOriginFilter filter = new CrossOriginFilter();
|
||||||
filter.init(filterConfig);
|
filter.init(filterConfig);
|
||||||
Assert.assertTrue(filter.isOriginAllowed("example.org"));
|
Assert.assertTrue(filter.isOriginAllowed("example.com"));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testPatternMatchingOrigins() throws ServletException, IOException {
|
||||||
|
|
||||||
|
// Setup the configuration settings of the server
|
||||||
|
Map<String, String> conf = new HashMap<String, String>();
|
||||||
|
conf.put(CrossOriginFilter.ALLOWED_ORIGINS, "*.example.com");
|
||||||
|
FilterConfig filterConfig = new FilterConfigTest(conf);
|
||||||
|
|
||||||
|
// Object under test
|
||||||
|
CrossOriginFilter filter = new CrossOriginFilter();
|
||||||
|
filter.init(filterConfig);
|
||||||
|
|
||||||
|
// match multiple sub-domains
|
||||||
|
Assert.assertFalse(filter.isOriginAllowed("example.com"));
|
||||||
|
Assert.assertFalse(filter.isOriginAllowed("foo:example.com"));
|
||||||
|
Assert.assertTrue(filter.isOriginAllowed("foo.example.com"));
|
||||||
|
Assert.assertTrue(filter.isOriginAllowed("foo.bar.example.com"));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue