diff options
author | tkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2012-07-24 19:45:00 +0000 |
---|---|---|
committer | tkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2012-07-24 19:45:00 +0000 |
commit | c8bedc70d896f16f5ecb14850f7f4524ccb3ad0b (patch) | |
tree | 6270d8d6489d2b72bc2b137e7308b9db09495314 /bkucommon/src | |
parent | a416331c912d538354969672b41c1f1588549159 (diff) | |
download | mocca-c8bedc70d896f16f5ecb14850f7f4524ccb3ad0b.tar.gz mocca-c8bedc70d896f16f5ecb14850f7f4524ccb3ad0b.tar.bz2 mocca-c8bedc70d896f16f5ecb14850f7f4524ccb3ad0b.zip |
DataURL Whitelist feature
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1111 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
Diffstat (limited to 'bkucommon/src')
-rw-r--r-- | bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java | 35 |
1 files changed, 33 insertions, 2 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java index 3e5d6df2..0f8385d8 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java @@ -114,6 +114,8 @@ public class HTTPBindingProcessorImpl extends AbstractBindingProcessor implement public static final String DATAURLCLIENT_MAXHOPS = "DataURLConnection.MaxHops"; + public static final String DATAURL_WHITELIST = "DataURLConnection.Whitelist"; + public int getMaxDataUrlHops() { return configuration.getInt(DATAURLCLIENT_MAXHOPS, 10); } @@ -141,6 +143,25 @@ public class HTTPBindingProcessorImpl extends AbstractBindingProcessor implement .getBoolean(ConfigurationFactoryBean.USE_STYLESHEETURL_PROPERTY, false); } + public List<String> getDataURLWhitelist() { + return configuration + .getList(DATAURL_WHITELIST); + } + + public boolean hasDataURLWhitelist() { + return configuration.containsKey(DATAURL_WHITELIST); + } + + public boolean matchesDataURLWhitelist(String dataURL) { + List<String> dataURLWhitelist = getDataURLWhitelist(); + log.debug("DataURL Whitelist: " + dataURLWhitelist.toString()); + for (String regExp : dataURLWhitelist) { + log.debug("Matching " + regExp); + if (dataURL.matches(regExp)) + return true; + } + return false; + } } /** @@ -323,9 +344,19 @@ public class HTTPBindingProcessorImpl extends AbstractBindingProcessor implement } protected void handleDataUrl() { - log.info("Entered State: {}, DataURL={}.", State.DATAURL, getDataUrl()); + String dataURL = getDataUrl(); + log.info("Entered State: {}, DataURL={}.", State.DATAURL, dataURL); try { - DataUrl dataUrl = new DataUrl(getDataUrl()); + if (configurationFacade.hasDataURLWhitelist()) { + log.debug("Checking DataURL against whitelist"); + if (!configurationFacade.matchesDataURLWhitelist(dataURL)) + { + log.error("DataURL doesn't match whitelist"); + throw new SLBindingException(2001); + } + } + + DataUrl dataUrl = new DataUrl(dataURL); HttpsDataURLConnection conn = (HttpsDataURLConnection) dataUrl.openConnection(); // set user agent and signature layout headers |