Extract rejectNonPrintableAsciiCharactersInFieldName
Closes gh-11234
This commit is contained in:
parent
7eb8a58244
commit
4405cf18f3
|
@ -431,14 +431,20 @@ public class StrictHttpFirewall implements HttpFirewall {
|
||||||
if (!isNormalized(request)) {
|
if (!isNormalized(request)) {
|
||||||
throw new RequestRejectedException("The request was rejected because the URL was not normalized.");
|
throw new RequestRejectedException("The request was rejected because the URL was not normalized.");
|
||||||
}
|
}
|
||||||
String requestUri = request.getRequestURI();
|
rejectNonPrintableAsciiCharactersInFieldName(request.getRequestURI(), "requestURI");
|
||||||
if (!containsOnlyPrintableAsciiCharacters(requestUri)) {
|
rejectNonPrintableAsciiCharactersInFieldName(request.getServletPath(), "servletPath");
|
||||||
throw new RequestRejectedException(
|
rejectNonPrintableAsciiCharactersInFieldName(request.getPathInfo(), "pathInfo");
|
||||||
"The requestURI was rejected because it can only contain printable ASCII characters.");
|
rejectNonPrintableAsciiCharactersInFieldName(request.getContextPath(), "contextPath");
|
||||||
}
|
|
||||||
return new StrictFirewalledRequest(request);
|
return new StrictFirewalledRequest(request);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void rejectNonPrintableAsciiCharactersInFieldName(String toCheck, String propertyName) {
|
||||||
|
if (!containsOnlyPrintableAsciiCharacters(toCheck)) {
|
||||||
|
throw new RequestRejectedException(String.format(
|
||||||
|
"The %s was rejected because it can only contain printable ASCII characters.", propertyName));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
private void rejectForbiddenHttpMethod(HttpServletRequest request) {
|
private void rejectForbiddenHttpMethod(HttpServletRequest request) {
|
||||||
if (this.allowedHttpMethods == ALLOW_ANY_HTTP_METHOD) {
|
if (this.allowedHttpMethods == ALLOW_ANY_HTTP_METHOD) {
|
||||||
return;
|
return;
|
||||||
|
@ -526,6 +532,9 @@ public class StrictHttpFirewall implements HttpFirewall {
|
||||||
}
|
}
|
||||||
|
|
||||||
private static boolean containsOnlyPrintableAsciiCharacters(String uri) {
|
private static boolean containsOnlyPrintableAsciiCharacters(String uri) {
|
||||||
|
if (uri == null) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
int length = uri.length();
|
int length = uri.length();
|
||||||
for (int i = 0; i < length; i++) {
|
for (int i = 0; i < length; i++) {
|
||||||
char ch = uri.charAt(i);
|
char ch = uri.charAt(i);
|
||||||
|
|
|
@ -364,6 +364,34 @@ public class StrictHttpFirewallTests {
|
||||||
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void getFirewalledRequestWhenContainsLineFeedThenException() {
|
||||||
|
this.request.setRequestURI("/something\n/");
|
||||||
|
assertThatExceptionOfType(RequestRejectedException.class)
|
||||||
|
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void getFirewalledRequestWhenServletPathContainsLineFeedThenException() {
|
||||||
|
this.request.setServletPath("/something\n/");
|
||||||
|
assertThatExceptionOfType(RequestRejectedException.class)
|
||||||
|
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void getFirewalledRequestWhenContainsCarriageReturnThenException() {
|
||||||
|
this.request.setRequestURI("/something\r/");
|
||||||
|
assertThatExceptionOfType(RequestRejectedException.class)
|
||||||
|
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void getFirewalledRequestWhenServletPathContainsCarriageReturnThenException() {
|
||||||
|
this.request.setServletPath("/something\r/");
|
||||||
|
assertThatExceptionOfType(RequestRejectedException.class)
|
||||||
|
.isThrownBy(() -> this.firewall.getFirewalledRequest(this.request));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* On WebSphere 8.5 a URL like /context-root/a/b;%2f1/c can bypass a rule on /a/b/c
|
* On WebSphere 8.5 a URL like /context-root/a/b;%2f1/c can bypass a rule on /a/b/c
|
||||||
* because the pathInfo is /a/b;/1/c which ends up being /a/b/1/c while Spring MVC
|
* because the pathInfo is /a/b;/1/c which ends up being /a/b/1/c while Spring MVC
|
||||||
|
|
Loading…
Reference in New Issue