saulteafarmer/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Stirling-Tools/Stirling-PDF.git synced 2025-06-11 01:55:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
Stirling-PDF/src/main/java/stirling/software/SPDF/config/CleanUrlInterceptor.java

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

84 lines
2.9 KiB
Java
Raw Normal View History

eol
2024-01-03 17:59:04 +00:00
package stirling.software.SPDF.config;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
public class CleanUrlInterceptor implements HandlerInterceptor {
private static final List<String> ALLOWED_PARAMS =
Arrays.asList(
extends the functionality of oauth in Stirling PDF 2.
2024-05-18 23:47:05 +02:00
"lang",
"endpoint",
"endpoints",
"logout",
"error",
"erroroauth",
"file",
Preparation for Switching to a New Database Version (#1521) * preparing to switch to a new database version * add PreAuthorize --------- Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2024-07-05 21:48:33 +02:00
"messageType",
"infoMessage");
eol
2024-01-03 17:59:04 +00:00
@Override
public boolean preHandle(
HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
String queryString = request.getQueryString();
if (queryString != null && !queryString.isEmpty()) {
String requestURI = request.getRequestURI();
Refactored Identifiers (#1609)
2024-07-31 13:25:48 -07:00
Map<String, String> allowedParameters = new HashMap<>();
eol
2024-01-03 17:59:04 +00:00
// Keep only the allowed parameters
String[] queryParameters = queryString.split("&");
for (String param : queryParameters) {
Refactored Identifiers (#1609)
2024-07-31 13:25:48 -07:00
String[] keyValuePair = param.split("=");
if (keyValuePair.length != 2) {
eol
2024-01-03 17:59:04 +00:00
continue;
}
Refactored Identifiers (#1609)
2024-07-31 13:25:48 -07:00
if (ALLOWED_PARAMS.contains(keyValuePair[0])) {
allowedParameters.put(keyValuePair[0], keyValuePair[1]);
eol
2024-01-03 17:59:04 +00:00
}
}
// If there are any parameters that are not allowed
Refactored Identifiers (#1609)
2024-07-31 13:25:48 -07:00
if (allowedParameters.size() != queryParameters.length) {
eol
2024-01-03 17:59:04 +00:00
// Construct new query string
StringBuilder newQueryString = new StringBuilder();
Refactored Identifiers (#1609)
2024-07-31 13:25:48 -07:00
for (Map.Entry<String, String> entry : allowedParameters.entrySet()) {
eol
2024-01-03 17:59:04 +00:00
if (newQueryString.length() > 0) {
newQueryString.append("&");
}
newQueryString.append(entry.getKey()).append("=").append(entry.getValue());
}
// Redirect to the URL with only allowed query parameters
String redirectUrl = requestURI + "?" + newQueryString;
Pipeline fixes for json lists + delete func (#1425) * init * revert * pipelines fixes for lists * pipeline fixes to allow json lists * formatting * pipeline changes * langs --------- Co-authored-by: a <a>
2024-06-09 13:56:55 +01:00
Images and login context (#1417) * init * revert
2024-06-08 16:07:23 +01:00
response.sendRedirect(request.getContextPath() + redirectUrl);
eol
2024-01-03 17:59:04 +00:00
return false;
}
}
return true;
}
@Override
public void postHandle(
HttpServletRequest request,
HttpServletResponse response,
Object handler,
ModelAndView modelAndView) {}
@Override
public void afterCompletion(
HttpServletRequest request,
HttpServletResponse response,
Object handler,
Exception ex) {}
}
Reference in New Issue Copy Permalink