Java Code Examples for io.undertow.util.CanonicalPathUtils

The following examples show how to use io.undertow.util.CanonicalPathUtils. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: quarkus-http   Source File: HttpServletResponseImpl.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void sendRedirect(final String location) throws IOException {
    if (responseStarted()) {
        throw UndertowServletMessages.MESSAGES.responseAlreadyCommited();
    }
    resetBuffer();
    setStatus(StatusCodes.FOUND);
    String realPath;
    if (isAbsoluteUrl(location)) {//absolute url
        exchange.setResponseHeader(HttpHeaderNames.LOCATION, location);
    } else {
        if (location.startsWith("/")) {
            realPath = location;
        } else {
            String current = exchange.getRelativePath();
            int lastSlash = current.lastIndexOf("/");
            if (lastSlash != -1) {
                current = current.substring(0, lastSlash + 1);
            }
            realPath = CanonicalPathUtils.canonicalize(servletContext.getContextPath() + current + location);
        }
        String loc = exchange.getRequestScheme() + "://" + exchange.getHostAndPort() + realPath;
        exchange.setResponseHeader(HttpHeaderNames.LOCATION, loc);
    }
    responseDone();
}
 
Example 2
Source Project: quarkus-http   Source File: DefaultServlet.java    License: Apache License 2.0 6 votes vote down vote up
private String getPath(final HttpServletRequest request) {
    String servletPath;
    String pathInfo;

    if (request.getDispatcherType() == DispatcherType.INCLUDE && request.getAttribute(RequestDispatcher.INCLUDE_REQUEST_URI) != null) {
        pathInfo = (String) request.getAttribute(RequestDispatcher.INCLUDE_PATH_INFO);
        servletPath = (String) request.getAttribute(RequestDispatcher.INCLUDE_SERVLET_PATH);
    } else {
        pathInfo = request.getPathInfo();
        servletPath = request.getServletPath();
    }
    String result = pathInfo;
    if (result == null) {
        result = CanonicalPathUtils.canonicalize(servletPath);
    } else if (resolveAgainstContextRoot) {
        result = servletPath + CanonicalPathUtils.canonicalize(pathInfo);
    } else {
        result = CanonicalPathUtils.canonicalize(result);
    }
    if ((result == null) || (result.isEmpty())) {
        result = "/";
    }
    return result;

}
 
Example 3
Source Project: lams   Source File: HttpServletResponseImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
@Override
public void sendRedirect(final String location) throws IOException {
    if (responseStarted()) {
        throw UndertowServletMessages.MESSAGES.responseAlreadyCommited();
    }
    resetBuffer();
    setStatus(StatusCodes.FOUND);
    String realPath;
    if (isAbsoluteUrl(location)) {//absolute url
        exchange.getResponseHeaders().put(Headers.LOCATION, location);
    } else {
        if (location.startsWith("/")) {
            realPath = location;
        } else {
            String current = exchange.getRelativePath();
            int lastSlash = current.lastIndexOf("/");
            if (lastSlash != -1) {
                current = current.substring(0, lastSlash + 1);
            }
            realPath = CanonicalPathUtils.canonicalize(servletContext.getContextPath() + current + location);
        }
        String loc = exchange.getRequestScheme() + "://" + exchange.getHostAndPort() + realPath;
        exchange.getResponseHeaders().put(Headers.LOCATION, loc);
    }
    responseDone();
}
 
Example 4
Source Project: lams   Source File: DefaultServlet.java    License: GNU General Public License v2.0 6 votes vote down vote up
private String getPath(final HttpServletRequest request) {
    String servletPath;
    String pathInfo;

    if (request.getDispatcherType() == DispatcherType.INCLUDE && request.getAttribute(RequestDispatcher.INCLUDE_REQUEST_URI) != null) {
        pathInfo = (String) request.getAttribute(RequestDispatcher.INCLUDE_PATH_INFO);
        servletPath = (String) request.getAttribute(RequestDispatcher.INCLUDE_SERVLET_PATH);
    } else {
        pathInfo = request.getPathInfo();
        servletPath = request.getServletPath();
    }
    String result = pathInfo;
    if (result == null) {
        result = CanonicalPathUtils.canonicalize(servletPath);
    } else if(resolveAgainstContextRoot) {
        result = servletPath + CanonicalPathUtils.canonicalize(pathInfo);
    } else {
        result = CanonicalPathUtils.canonicalize(result);
    }
    if ((result == null) || (result.isEmpty())) {
        result = "/";
    }
    return result;

}
 
Example 5
Source Project: quarkus-http   Source File: ServletContextImpl.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public String getRealPath(final String path) {
    if (path == null) {
        return null;
    }
    String canonicalPath = CanonicalPathUtils.canonicalize(path);
    Resource resource;
    try {
        resource = deploymentInfo.getResourceManager().getResource(canonicalPath);

        if (resource == null) {
            //UNDERTOW-373 even though the resource does not exist we still need to return a path
            Resource deploymentRoot = deploymentInfo.getResourceManager().getResource("/");
            if(deploymentRoot == null) {
                return null;
            }
            Path root = deploymentRoot.getFilePath();
            if(root == null) {
                return null;
            }
            if(!canonicalPath.startsWith("/")) {
                canonicalPath = "/" + canonicalPath;
            }
            if(File.separatorChar != '/') {
                canonicalPath = canonicalPath.replace('/', File.separatorChar);
            }
            return root.toAbsolutePath().toString() + canonicalPath;
        }
    } catch (IOException e) {
        return null;
    }
    Path file = resource.getFilePath();
    if (file == null) {
        return null;
    }
    return file.toAbsolutePath().toString();
}
 
Example 6
Source Project: quarkus-http   Source File: HttpServletRequestImpl.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public RequestDispatcher getRequestDispatcher(final String path) {
    String realPath;
    if (path.startsWith("/")) {
        realPath = path;
    } else {
        String current = exchange.getRelativePath();
        int lastSlash = current.lastIndexOf("/");
        if (lastSlash != -1) {
            current = current.substring(0, lastSlash + 1);
        }
        realPath = CanonicalPathUtils.canonicalize(current + path);
    }
    return new RequestDispatcherImpl(realPath, servletContext);
}
 
Example 7
Source Project: lams   Source File: ServletContextImpl.java    License: GNU General Public License v2.0 5 votes vote down vote up
@Override
public String getRealPath(final String path) {
    if (path == null) {
        return null;
    }
    String canonicalPath = CanonicalPathUtils.canonicalize(path);
    Resource resource;
    try {
        resource = deploymentInfo.getResourceManager().getResource(canonicalPath);

        if (resource == null) {
            //UNDERTOW-373 even though the resource does not exist we still need to return a path
            Resource deploymentRoot = deploymentInfo.getResourceManager().getResource("/");
            if(deploymentRoot == null) {
                return null;
            }
            Path root = deploymentRoot.getFilePath();
            if(root == null) {
                return null;
            }
            if(!canonicalPath.startsWith("/")) {
                canonicalPath = "/" + canonicalPath;
            }
            if(File.separatorChar != '/') {
                canonicalPath = canonicalPath.replace('/', File.separatorChar);
            }
            return root.toAbsolutePath().toString() + canonicalPath;
        }
    } catch (IOException e) {
        return null;
    }
    Path file = resource.getFilePath();
    if (file == null) {
        return null;
    }
    return file.toAbsolutePath().toString();
}
 
Example 8
Source Project: lams   Source File: HttpServletRequestImpl.java    License: GNU General Public License v2.0 5 votes vote down vote up
@Override
public RequestDispatcher getRequestDispatcher(final String path) {
    String realPath;
    if (path.startsWith("/")) {
        realPath = path;
    } else {
        String current = exchange.getRelativePath();
        int lastSlash = current.lastIndexOf("/");
        if (lastSlash != -1) {
            current = current.substring(0, lastSlash + 1);
        }
        realPath = CanonicalPathUtils.canonicalize(current + path);
    }
    return new RequestDispatcherImpl(realPath, servletContext);
}
 
Example 9
Source Project: quarkus-http   Source File: DefaultServlet.java    License: Apache License 2.0 4 votes vote down vote up
@Override
protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
    String path = getPath(req);
    if (!isAllowed(path, req.getDispatcherType())) {
        resp.sendError(StatusCodes.NOT_FOUND);
        return;
    }
    if (File.separatorChar != '/') {
        //if the separator char is not / we want to replace it with a / and canonicalise
        path = CanonicalPathUtils.canonicalize(path.replace(File.separatorChar, '/'));
    }

    HttpServerExchange exchange = SecurityActions.requireCurrentServletRequestContext().getOriginalRequest().getExchange();
    final Resource resource;
    //we want to disallow windows characters in the path
    if (File.separatorChar == '/' || !path.contains(File.separator)) {
        resource = resourceSupplier.getResource(exchange, path);
    } else {
        resource = null;
    }

    if (resource == null) {
        if (req.getDispatcherType() == DispatcherType.INCLUDE) {
            //servlet 9.3
            throw new FileNotFoundException(path);
        } else {
            resp.sendError(StatusCodes.NOT_FOUND);
        }
        return;
    } else if (resource.isDirectory()) {
        if ("css".equals(req.getQueryString())) {
            resp.setContentType("text/css");
            resp.getWriter().write(DirectoryUtils.Blobs.FILE_CSS);
            return;
        } else if ("js".equals(req.getQueryString())) {
            resp.setContentType("application/javascript");
            resp.getWriter().write(DirectoryUtils.Blobs.FILE_JS);
            return;
        }
        if (directoryListingEnabled) {
            StringBuilder output = DirectoryUtils.renderDirectoryListing(req.getRequestURI(), resource);
            resp.getWriter().write(output.toString());
        } else {
            resp.sendError(StatusCodes.FORBIDDEN);
        }
    } else {
        if (path.endsWith("/")) {
            //UNDERTOW-432
            resp.sendError(StatusCodes.NOT_FOUND);
            return;
        }
        serveFileBlocking(req, resp, resource, exchange);
    }
}
 
Example 10
Source Project: quarkus-http   Source File: ResourceHandler.java    License: Apache License 2.0 4 votes vote down vote up
private String canonicalize(String s) {
    if (canonicalizePaths) {
        return CanonicalPathUtils.canonicalize(s);
    }
    return s;
}
 
Example 11
Source Project: quarkus-http   Source File: CanonicalPathHandler.java    License: Apache License 2.0 4 votes vote down vote up
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    exchange.setRelativePath(CanonicalPathUtils.canonicalize(exchange.getRelativePath()));
    next.handleRequest(exchange);
}
 
Example 12
Source Project: lams   Source File: DefaultServlet.java    License: GNU General Public License v2.0 4 votes vote down vote up
@Override
protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
    String path = getPath(req);
    if (!isAllowed(path, req.getDispatcherType())) {
        resp.sendError(StatusCodes.NOT_FOUND);
        return;
    }
    if(File.separatorChar != '/') {
        //if the separator char is not / we want to replace it with a / and canonicalise
        path = CanonicalPathUtils.canonicalize(path.replace(File.separatorChar, '/'));
    }

    HttpServerExchange exchange = SecurityActions.requireCurrentServletRequestContext().getOriginalRequest().getExchange();
    final Resource resource;
    //we want to disallow windows characters in the path
    if(File.separatorChar == '/' || !path.contains(File.separator)) {
        resource = resourceSupplier.getResource(exchange, path);
    } else {
        resource = null;
    }

    if (resource == null) {
        if (req.getDispatcherType() == DispatcherType.INCLUDE) {
            //servlet 9.3
            throw new FileNotFoundException(path);
        } else {
            resp.sendError(StatusCodes.NOT_FOUND);
        }
        return;
    } else if (resource.isDirectory()) {
        if ("css".equals(req.getQueryString())) {
            resp.setContentType("text/css");
            resp.getWriter().write(DirectoryUtils.Blobs.FILE_CSS);
            return;
        } else if ("js".equals(req.getQueryString())) {
            resp.setContentType("application/javascript");
            resp.getWriter().write(DirectoryUtils.Blobs.FILE_JS);
            return;
        }
        if (directoryListingEnabled) {
            StringBuilder output = DirectoryUtils.renderDirectoryListing(req.getRequestURI(), resource);
            resp.getWriter().write(output.toString());
        } else {
            resp.sendError(StatusCodes.FORBIDDEN);
        }
    } else {
        if(path.endsWith("/")) {
            //UNDERTOW-432
            resp.sendError(StatusCodes.NOT_FOUND);
            return;
        }
        serveFileBlocking(req, resp, resource, exchange);
    }
}
 
Example 13
Source Project: lams   Source File: ResourceHandler.java    License: GNU General Public License v2.0 4 votes vote down vote up
private String canonicalize(String s) {
    if(canonicalizePaths) {
        return CanonicalPathUtils.canonicalize(s);
    }
    return s;
}
 
Example 14
Source Project: lams   Source File: CanonicalPathHandler.java    License: GNU General Public License v2.0 4 votes vote down vote up
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    exchange.setRelativePath(CanonicalPathUtils.canonicalize(exchange.getRelativePath()));
    next.handleRequest(exchange);
}