417260 Protected targets matched as true URI path segments
parent
0b80b9ba36
commit
9113767907
|
@ -1169,16 +1169,30 @@ public class ContextHandler extends ScopedHandler implements Attributes, Gracefu
|
|||
while (target.startsWith("//"))
|
||||
target=URIUtil.compactPath(target);
|
||||
|
||||
boolean isProtected = false;
|
||||
int i=0;
|
||||
while (!isProtected && i<_protectedTargets.length)
|
||||
for (int i=0; i<_protectedTargets.length; i++)
|
||||
{
|
||||
isProtected = StringUtil.startsWithIgnoreCase(target, _protectedTargets[i++]);
|
||||
String t=_protectedTargets[i];
|
||||
if (StringUtil.startsWithIgnoreCase(target,t))
|
||||
{
|
||||
if (target.length()==t.length())
|
||||
return true;
|
||||
|
||||
// Check that the target prefix really is a path segment, thus
|
||||
// it can end with /, a query, a target or a parameter
|
||||
char c=target.charAt(t.length());
|
||||
if (c=='/'||c=='?'||c=='#'||c==';')
|
||||
return true;
|
||||
}
|
||||
return isProtected;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
/**
|
||||
* @param targets Array of URL prefix. Each prefix is in the form /path and will match
|
||||
* either /path exactly or /path/anything
|
||||
*/
|
||||
public void setProtectedTargets (String[] targets)
|
||||
{
|
||||
if (targets == null)
|
||||
|
@ -1191,6 +1205,7 @@ public class ContextHandler extends ScopedHandler implements Attributes, Gracefu
|
|||
System.arraycopy(targets, 0, _protectedTargets, 0, targets.length);
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
public String[] getProtectedTargets ()
|
||||
{
|
||||
if (_protectedTargets == null)
|
||||
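Review bot: The boundary test `if (c=='/'||c=='?'||c=='#'||c==';')` in the new loop compares against literal characters only, so it protects a target only if `target` has already been percent-decoded and normalized before this method runs; the hunk shows `URIUtil.compactPath` for `//` but no decoding, so that precondition should be stated in a comment and confirmed against the callers. Any target in which the prefix is followed by some other character is now treated as unprotected, which narrows the old pure-prefix match, so it is worth confirming that the resource layer cannot resolve such a name to the protected directory (alias checking, if enabled, would be the backstop). The comment above the check says "a target" where `#` introduces a fragment, and the Javadoc on `setProtectedTargets` still mentions only `/path` and `/path/anything`; I would change them to `// it can end with /, a query, a fragment or a path parameter` and `either /path exactly or /path followed by '/', '?', '#' or ';'`. The opening lines of the method are outside the hunk, so the null handling for `target` and `_protectedTargets` cannot be checked from here.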
|
|
|
@ -437,6 +437,7 @@ public class ContextHandlerTest
|
|||
assertTrue(handler.isProtectedTarget("/foo-inf/x/y/z"));
|
||||
assertFalse(handler.isProtectedTarget("/foo/x/y/z"));
|
||||
assertTrue(handler.isProtectedTarget("/foo-inf?x=y&z=1"));
|
||||
assertFalse(handler.isProtectedTarget("/foo-inf-bar"));
|
||||
|
||||
protectedTargets = new String[4];
|
||||
System.arraycopy(handler.getProtectedTargets(), 0, protectedTargets, 0, 2);
|
||||
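Review bot: The assertions visible in this hunk exercise only the `/` and `?` boundaries plus one negative case, so two of the four characters accepted by the new check in `isProtectedTarget` (`;` and `#`) have no test here. I would add `assertTrue(handler.isProtectedTarget("/foo-inf;param=1"));` and `assertTrue(handler.isProtectedTarget("/foo-inf#frag"));` next to the `?` case, and a mixed-case one such as `assertTrue(handler.isProtectedTarget("/FOO-INF/x"));`, since the prefix match stays case-insensitive. The test method starts and ends outside the hunk, so an exact-match assertion may already exist above.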
|
|