summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2012-07-24 19:45:00 +0000
committertkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2012-07-24 19:45:00 +0000
commitc8bedc70d896f16f5ecb14850f7f4524ccb3ad0b (patch)
tree6270d8d6489d2b72bc2b137e7308b9db09495314
parenta416331c912d538354969672b41c1f1588549159 (diff)
downloadmocca-c8bedc70d896f16f5ecb14850f7f4524ccb3ad0b.tar.gz
mocca-c8bedc70d896f16f5ecb14850f7f4524ccb3ad0b.tar.bz2
mocca-c8bedc70d896f16f5ecb14850f7f4524ccb3ad0b.zip
DataURL Whitelist feature
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1111 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java35
1 files changed, 33 insertions, 2 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java
index 3e5d6df2..0f8385d8 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java
@@ -114,6 +114,8 @@ public class HTTPBindingProcessorImpl extends AbstractBindingProcessor implement
public static final String DATAURLCLIENT_MAXHOPS = "DataURLConnection.MaxHops";
+ public static final String DATAURL_WHITELIST = "DataURLConnection.Whitelist";
+
public int getMaxDataUrlHops() {
return configuration.getInt(DATAURLCLIENT_MAXHOPS, 10);
}
@@ -141,6 +143,25 @@ public class HTTPBindingProcessorImpl extends AbstractBindingProcessor implement
.getBoolean(ConfigurationFactoryBean.USE_STYLESHEETURL_PROPERTY, false);
}
+ public List<String> getDataURLWhitelist() {
+ return configuration
+ .getList(DATAURL_WHITELIST);
+ }
+
+ public boolean hasDataURLWhitelist() {
+ return configuration.containsKey(DATAURL_WHITELIST);
+ }
+
+ public boolean matchesDataURLWhitelist(String dataURL) {
+ List<String> dataURLWhitelist = getDataURLWhitelist();
+ log.debug("DataURL Whitelist: " + dataURLWhitelist.toString());
+ for (String regExp : dataURLWhitelist) {
+ log.debug("Matching " + regExp);
+ if (dataURL.matches(regExp))
+ return true;
+ }
+ return false;
+ }
}
/**
@@ -323,9 +344,19 @@ public class HTTPBindingProcessorImpl extends AbstractBindingProcessor implement
}
protected void handleDataUrl() {
- log.info("Entered State: {}, DataURL={}.", State.DATAURL, getDataUrl());
+ String dataURL = getDataUrl();
+ log.info("Entered State: {}, DataURL={}.", State.DATAURL, dataURL);
try {
- DataUrl dataUrl = new DataUrl(getDataUrl());
+ if (configurationFacade.hasDataURLWhitelist()) {
+ log.debug("Checking DataURL against whitelist");
+ if (!configurationFacade.matchesDataURLWhitelist(dataURL))
+ {
+ log.error("DataURL doesn't match whitelist");
+ throw new SLBindingException(2001);
+ }
+ }
+
+ DataUrl dataUrl = new DataUrl(dataURL);
HttpsDataURLConnection conn = (HttpsDataURLConnection) dataUrl.openConnection();
// set user agent and signature layout headers