diff options
| author | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2014-01-28 16:05:21 +0100 |
|---|---|---|
| committer | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2014-01-28 16:05:21 +0100 |
| commit | d0c59a890be350ff1c39901e7fa94bf68c048065 (patch) | |
| tree | 10aef75582d15acf1c4f67d2a702e55c1b7d74fb /pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java | |
| parent | 7623d9b081af23191f307e1f06df7ce5508bf925 (diff) | |
| download | pdf-as-4-d0c59a890be350ff1c39901e7fa94bf68c048065.tar.gz pdf-as-4-d0c59a890be350ff1c39901e7fa94bf68c048065.tar.bz2 pdf-as-4-d0c59a890be350ff1c39901e7fa94bf68c048065.zip | |
URL Whitelist + Basic Design
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java')
| -rw-r--r-- | pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java | 60 |
1 files changed, 57 insertions, 3 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java index 6609e51d..c7520347 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/config/WebConfiguration.java @@ -2,6 +2,9 @@ package at.gv.egiz.pdfas.web.config; import java.io.File; import java.io.FileInputStream; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; import java.util.Properties; import org.slf4j.Logger; @@ -24,12 +27,21 @@ public class WebConfiguration { public static final String KEYSTORE_ALIAS = "ks.key.alias"; public static final String KEYSTORE_KEY_PASS = "ks.key.pass"; + public static final String WHITELIST_ENABLED = "whitelist.enabled"; + public static final String WHITELIST_VALUE_PRE = "whitelist.url."; + private static Properties properties = new Properties(); private static final Logger logger = LoggerFactory .getLogger(WebConfiguration.class); + private static List<String> whiteListregEx = new ArrayList<String>(); + public static void configure(String config) { + + properties.clear(); + whiteListregEx.clear(); + try { properties.load(new FileInputStream(config)); } catch(Exception e) { @@ -37,6 +49,23 @@ public class WebConfiguration { throw new RuntimeException(e); } + if(isWhiteListEnabled()) { + Iterator<Object> keyIt = properties.keySet().iterator(); + while(keyIt.hasNext()) { + Object keyObj = keyIt.next(); + if(keyObj != null) { + String key = keyObj.toString(); + if(key.startsWith(WHITELIST_VALUE_PRE)) { + String whitelist_expr = properties.getProperty(key); + if(whitelist_expr != null) { + whiteListregEx.add(whitelist_expr); + logger.debug("URL Whitelist: " + whitelist_expr); + } + } + } + } + } + String pdfASDir = getPdfASDir(); if(pdfASDir == null) { logger.error("Please configure pdf as working directory in the web configuration"); @@ -107,9 +136,34 @@ public class WebConfiguration { } return false; } - - public static boolean isProvidePdfURLinWhitelist(String url) { - //TODO implement whitelisting for pdfURLS + + public static boolean isWhiteListEnabled() { + String value = properties.getProperty(WHITELIST_ENABLED); + if(value != null) { + if(value.equals("true")) { + return true; + } + } return false; } + + public static synchronized boolean isProvidePdfURLinWhitelist(String url) { + if(isWhiteListEnabled()) { + + Iterator<String> patterns = whiteListregEx.iterator(); + while(patterns.hasNext()) { + String pattern = patterns.next(); + try { + if(url.matches(pattern)) { + return true; + } + } catch(Throwable e) { + logger.error("Error in matching regex: " + pattern, e); + } + } + + return false; + } + return true; + } } |