/**
 * Tells whether the request targets the configured processing URL.
 *
 * The test is an exact, case-sensitive string comparison between the request URI
 * (followed by {@code ?query} when a query string is present) and the context path
 * followed by {@code processUrl}. {@code getRequestURI()} is not decoded by the
 * container, so a percent-encoded spelling of the same path does not match.
 *
 * @param request the incoming request
 * @return {@code true} when the request URI, query included, equals the expected URL
 */
public boolean matches(HttpServletRequest request) {
    final String query = request.getQueryString();
    final String requested = (query == null)
            ? request.getRequestURI()
            : request.getRequestURI() + "?" + query;

    final String contextPath = request.getContextPath();
    // Root context: the processing URL is compared as it is, with no prefix.
    final String expected = "".equals(contextPath) ? processUrl : contextPath + processUrl;
    return requested.equals(expected);
}
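/**
 * Builds the URL of the quality profile export endpoint for this request.
 *
 * @param request the incoming request
 * @return the context path followed by {@code API_QUALITY_PROFILE_EXPORT}, plus the
 *         original query string when the request has one
 */
@Override
public String apply(HttpServletRequest request) {
    String query = request.getQueryString();
    if (query == null) {
        // getQueryString() is null when the URL carries no query; formatting it with %s
        // would produce a URL ending in "?null".
        return format("%s%s", request.getContextPath(), API_QUALITY_PROFILE_EXPORT);
    }
    // The query string is passed on exactly as the client sent it (not decoded, not re-encoded).
    return format("%s%s?%s", request.getContextPath(), API_QUALITY_PROFILE_EXPORT, query);
}
} // closes the enclosing class, whose header is not part of this excerpt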
/**
 * Extracts what follows {@code contextPath + servletPath + "/"} in the request URI.
 *
 * NOTE(review): the value is cut out of {@code getRequestURI()}, which the container
 * does not decode or normalise. If a caller maps it to a file or classpath resource,
 * it should normalise the result and reject parent-directory segments first; the
 * callers are not visible here, so confirm at the call site.
 *
 * @param request the incoming request
 * @return part of request URL after servlet path
 */
private static String getPluginKeyAndResourcePath(HttpServletRequest request) {
    final String servletPrefix = request.getContextPath() + request.getServletPath() + "/";
    final String requestUri = request.getRequestURI();
    return StringUtils.substringAfter(requestUri, servletPrefix);
}
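/**
 * Rebuilds the URL of the current request from the parts exposed by the servlet API.
 *
 * Scheme, server name and port describe the request as the client (or a proxy in
 * front of the application) presented it; the server name normally comes from the
 * Host header. Treat the result as client-influenced: validate the host against a
 * list of expected names before using it in redirects, e-mailed links or access decisions.
 *
 * {@code getServletPath()} and {@code getPathInfo()} are returned decoded by the
 * container, so the rebuilt URL can differ from the raw request line.
 *
 * @param req the incoming request
 * @return scheme, host, optional port, context path, servlet path, path info and query string
 */
public static String getURL(HttpServletRequest req) {
    String scheme = req.getScheme();             // http
    String serverName = req.getServerName();     // hostname.com
    int serverPort = req.getServerPort();        // 80
    String contextPath = req.getContextPath();   // /mywebapp
    String servletPath = req.getServletPath();   // /servlet/MyServlet
    String pathInfo = req.getPathInfo();         // /a/b;c=123
    String queryString = req.getQueryString();   // d=789

    // Reconstruct original requesting URL
    StringBuilder url = new StringBuilder();
    url.append(scheme).append("://").append(serverName);

    // The port is omitted only when it is the default for the scheme actually in use.
    // Testing "not 80 and not 443" regardless of scheme dropped the port for
    // http on 443 and https on 80, which yields a URL pointing at a different port.
    boolean defaultPort = ("http".equalsIgnoreCase(scheme) && serverPort == 80)
            || ("https".equalsIgnoreCase(scheme) && serverPort == 443);
    if (!defaultPort) {
        url.append(":").append(serverPort);
    }

    url.append(contextPath).append(servletPath);

    if (pathInfo != null) {
        url.append(pathInfo);
    }
    if (queryString != null) {
        url.append("?").append(queryString);
    }
    return url.toString();
}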
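/**
 * Decides whether the request is subject to the check applied by the caller:
 * the HTTP method must be listed in {@code UPDATE_METHODS} and the path, once the
 * context path is removed, must start with {@code API_URL}.
 *
 * NOTE(review): the prefix test runs on {@code getRequestURI()}, which is not decoded
 * or normalised by the container. Confirm that a request the container routes to an
 * API handler cannot reach it with a URI spelling that fails this prefix test.
 *
 * @param request the incoming request
 * @return {@code true} when the request must be checked
 */
private static boolean shouldRequestBeChecked(HttpServletRequest request) {
    if (!UPDATE_METHODS.contains(request.getMethod())) {
        return false;
    }
    String requestUri = request.getRequestURI();
    String contextPath = request.getContextPath();
    // Remove the context path as a literal prefix. replaceFirst() treats its argument
    // as a regular expression and replaces the first match wherever it occurs, so a
    // context path containing regex metacharacters would be matched loosely.
    String path = requestUri.startsWith(contextPath)
            ? requestUri.substring(contextPath.length())
            : requestUri;
    return path.startsWith(API_URL);
}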
/**
 * Captures the request, the root path and the requested action, then obtains the
 * configuration manager for this root path, context path and request URI.
 *
 * @param request  the incoming request
 * @param rootPath root path handed to {@code ConfigManager.getInstance}
 */
public ActionEnter(HttpServletRequest request, String rootPath) {
    final String webContext = request.getContextPath();
    final String requestUri = request.getRequestURI();

    this.request = request;
    this.rootPath = rootPath;
    // "action" is read straight from the request parameters, i.e. it is client input;
    // code that dispatches on actionType should accept known values only.
    this.actionType = request.getParameter("action");
    this.contextPath = webContext;
    this.configManager = ConfigManager.getInstance(rootPath, webContext, requestUri);
}
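// Lower-cased request path: context path + servlet path + path info.
// getPathInfo() is null when the request has no extra path after the servlet path;
// concatenating it unguarded would append the literal text "null".
// Locale.ROOT keeps the lower-casing independent of the JVM default locale, so
// comparisons against fixed path constants give the same result on every host.
final String requestPath = (
        httpServletRequest.getContextPath()
                + httpServletRequest.getServletPath()
                + ( httpServletRequest.getPathInfo() == null ? "" : httpServletRequest.getPathInfo() )
).toLowerCase( java.util.Locale.ROOT );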
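/**
 * Ends the caller's session, if there is one, and redirects to the application root.
 */
@WebServlet(name = "LogoutServlet", urlPatterns = {"/logout"})
public class LogoutServlet extends HttpServlet {

    /**
     * Invalidates the current session and redirects to the context root.
     *
     * NOTE(review): because {@code service} is overridden, logout is reachable with
     * GET as well as POST. If forced logout through cross-site requests is a concern,
     * handle it in {@code doPost} behind the application's CSRF protection.
     *
     * @param request  the incoming request
     * @param response the response used for the redirect
     * @throws ServletException declared by the overridden method
     * @throws IOException      if the redirect cannot be sent
     */
    @Override
    protected void service(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // getSession(false): never create a session only to destroy it.
        HttpSession session = request.getSession(false);

        // Destroys the session for this user.
        if (session != null) {
            session.invalidate();
        }

        // Redirects back to the initial page. In the root context getContextPath() is "",
        // and how an empty redirect location is resolved depends on the container and
        // the browser, so the trailing slash is always added.
        response.sendRedirect(request.getContextPath() + "/");
    }
}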
/**
 * Sends visitors of the home page or of /manage to the first-user sign-up page for as
 * long as no user exists; every other request goes down the chain untouched.
 *
 * Once {@code needsToCreateFirstUser()} reports false on one of those two pages, the
 * filter removes itself through {@code PluginServletFilter.removeFilter}.
 *
 * @param request  the incoming request, cast to {@code HttpServletRequest}
 * @param response the response, cast to {@code HttpServletResponse} for the redirect
 * @param chain    the remaining filter chain
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    final HttpServletRequest httpRequest = (HttpServletRequest) request;
    final String requestUri = httpRequest.getRequestURI();
    final String contextPath = httpRequest.getContextPath();

    /* allow signup from the Jenkins home page, or /manage, which is where a /configureSecurity form redirects to */
    final boolean signupEntryPoint = requestUri.equals(contextPath + "/")
            || requestUri.equals(contextPath + "/manage");
    if (!signupEntryPoint) {
        chain.doFilter(request, response);
        return;
    }

    if (needsToCreateFirstUser()) {
        ((HttpServletResponse) response).sendRedirect("securityRealm/firstUser");
        return;
    }

    // the first user already created. the role of this filter is over.
    PluginServletFilter.removeFilter(this);
    chain.doFilter(request, response);
}
/**
 * Runs before each handler: logs the request, restores the logged-in user, protects
 * the admin area and issues a token for GET requests.
 *
 * @param request  the incoming request
 * @param response the response, used for the redirect to the admin login page
 * @param o        the handler object (unused here)
 * @return {@code false} after redirecting an anonymous request for an admin page to
 *         the login page, {@code true} otherwise
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
    final String contextPath = request.getContextPath();
    final String uri = request.getRequestURI();

    // Both values below are client-controlled and are written to the log as received.
    LOGGE.info("UserAgent: {}", request.getHeader(USER_AGENT));
    LOGGE.info("用户访问地址: {}, 来路地址: {}", uri, IPKit.getIpAddrByRequest(request));

    // Request interception
    UserVo user = TaleUtils.getLoginUser(request);
    if (user == null) {
        final Integer cookieUid = TaleUtils.getCookieUid(request);
        if (cookieUid != null) {
            // Original author's note: this is still a security risk, cookies can be forged.
            // NOTE(review): the user id taken from the cookie is enough to load the account
            // and store it in the session as the logged-in user. How getCookieUid protects
            // the value is not visible here; confirm it is integrity-protected and bound
            // to a server-side secret, otherwise this path bypasses the login form.
            user = userService.queryUserById(cookieUid);
            request.getSession().setAttribute(WebConst.LOGIN_SESSION_KEY, user);
        }
    }

    // NOTE(review): the admin check is a prefix test on the undecoded request URI;
    // confirm no handler under /admin is reachable through a URI that fails it.
    final boolean adminArea = uri.startsWith(contextPath + "/admin");
    final boolean loginPage = uri.startsWith(contextPath + "/admin/login");
    if (user == null && adminArea && !loginPage) {
        response.sendRedirect(contextPath + "/admin/login");
        return false;
    }

    // Issue the token for GET requests
    if (request.getMethod().equals("GET")) {
        final String csrfToken = UUID.UU64();
        // Kept for 30 minutes by default
        cache.hset(Types.CSRF_TOKEN.getType(), csrfToken, uri, 30 * 60);
        request.setAttribute("_csrf_token", csrfToken);
    }
    return true;
}
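/**
 * {@inheritDoc}
 *
 * Returns the context path followed by the path info (when there is one), without
 * the leading slash.
 */
public String getPath() {
    String path = request.getContextPath();
    if (request.getPathInfo() != null) {
        path += request.getPathInfo();
    }
    // startsWith() rather than charAt(0): in the root context with no path info the
    // string is empty, and charAt(0) would throw StringIndexOutOfBoundsException.
    if (path.startsWith("/")) {
        path = path.substring(1);
    }
    return path;
}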
/**
 * Sets the path of {@code httpRequest} from the servlet request: the path info when
 * both path info and context path are non-null, the full request URI otherwise.
 *
 * Note that the two sources differ: the container returns the path info decoded,
 * while the request URI is returned as the client sent it.
 *
 * @param httpRequest        the request object being populated
 * @param httpServletRequest the servlet request to read from
 */
private void setPath(HttpRequest httpRequest, HttpServletRequest httpServletRequest) {
    final String pathInfo = httpServletRequest.getPathInfo();
    final String path;
    if (pathInfo == null || httpServletRequest.getContextPath() == null) {
        path = httpServletRequest.getRequestURI();
    } else {
        path = pathInfo;
    }
    httpRequest.withPath(path);
}
// Path handed to whitelisted(): context path plus path info, a null path info counting as "".
// NOTE(review): the servlet path is not part of this string; confirm the whitelist
// entries are written against the same form, and that path info (decoded by the
// container) is the form the protected resources are matched on.
final String path = request.getContextPath() + ( request.getPathInfo() == null ? "" : request.getPathInfo() );
// OPTIONS requests and whitelisted paths take the branch that follows; its body is
// outside this excerpt.
if ( request.getMethod().equals( "OPTIONS" ) || whitelisted( path ) )
// Authorization header sent by the client, if any; only its presence is tested in the lines shown.
String authorization = req.getHeader("Authorization");
String path = req.getServletPath();
// Branch taken when no Authorization header was sent, the request already has a
// principal, the path is already under /secured/, or security is turned off.
if(authorization==null || req.getUserPrincipal() !=null || path.startsWith("/secured/") || !Jenkins.getInstance().isUseSecurity()) {
    // Re-root the servlet path under the context's /secured prefix and keep the query
    // string as received. What is done with the resulting path is outside this excerpt.
    path = req.getContextPath()+"/secured"+path;
    String q = req.getQueryString();
    if(q!=null)
        path += '?'+q;
/**
 * {@inheritDoc}
 *
 * On the first call (while {@code codecFactory} is still null) the web application
 * context is looked up and the server and codec factory beans are fetched from it.
 * Requests whose content type equals {@code APPLICATION_AMF} are passed to
 * {@code serviceAMF}; any other request gets a fixed text banner.
 *
 * NOTE(review): the lazy set-up writes instance fields without synchronization, and
 * when no web context is found {@code codecFactory} stays null while AMF requests are
 * still handed to {@code serviceAMF}; confirm that method copes with it.
 */
@Override
public void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    log.debug("Servicing Request");

    if (codecFactory == null) {
        final ServletContext servletContext = getServletContext();
        log.debug("Context path: {}", servletContext.getContextPath());

        // attempt to look up the webapp context
        webAppCtx = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);

        // now try to look it up as an attribute
        if (webAppCtx == null) {
            log.debug("Webapp context was null, trying lookup as attr.");
            webAppCtx = (WebApplicationContext) servletContext.getAttribute(WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE);
        }

        // look up the server and codec factory
        if (webAppCtx == null) {
            log.debug("No web context");
        } else {
            server = (IServer) webAppCtx.getBean("red5.server");
            codecFactory = (RemotingCodecFactory) webAppCtx.getBean("remotingCodecFactory");
        }
    }

    log.debug("Remoting request {} {}", req.getContextPath(), req.getServletPath());

    // Exact match on the Content-Type header: a value carrying parameters is not
    // treated as AMF and receives the banner instead.
    if (!APPLICATION_AMF.equals(req.getContentType())) {
        resp.getWriter().write("Red5 : Remoting Gateway");
        return;
    }
    serviceAMF(req, resp);
}
/**
 * Formats one access-log line for a request.
 *
 * The line holds the remote address, the X-Forwarded-For header when present, the
 * request URI without the context path, the query string when present, the HTTP
 * method, the duration in milliseconds, an error marker and the response size in
 * whole kilobytes (integer division by 1024).
 *
 * NOTE(review): X-Forwarded-For, the URI and the query string are supplied by the
 * client and are written as received. Do not rely on the forwarded-for value as the
 * real client address unless a trusted proxy sets it, and neutralise control
 * characters if the log is parsed line by line downstream.
 *
 * @param httpRequest  the request being logged
 * @param duration     processing time in milliseconds
 * @param systemError  whether the request ended in a system error
 * @param responseSize response size in bytes
 * @return the formatted log message
 */
public static String buildLogMessage(HttpServletRequest httpRequest, long duration, boolean systemError, int responseSize) {
    final String forwardedFor = httpRequest.getHeader("X-Forwarded-For");
    final String queryString = httpRequest.getQueryString();
    final int contextLength = httpRequest.getContextPath().length();

    final StringBuilder line = new StringBuilder("remoteAddr = ");
    line.append(httpRequest.getRemoteAddr());
    if (forwardedFor != null) {
        line.append(", forwardedFor = ");
        line.append(forwardedFor);
    }

    line.append(", request = ");
    line.append(httpRequest.getRequestURI().substring(contextLength));
    if (queryString != null) {
        line.append('?');
        line.append(queryString);
    }

    line.append(' ');
    line.append(httpRequest.getMethod());
    line.append(": ");
    line.append(duration);
    line.append(" ms");
    if (systemError) {
        line.append(", erreur");
    }
    line.append(", ");
    line.append(responseSize / 1024);
    line.append(" Ko");
    return line.toString();
}
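/**
 * Rejects HTTP methods outside {@code ALLOWED_HTTP_METHODS} with 405, then adds the
 * security response headers and continues the filter chain.
 *
 * @param httpRequest  the incoming request
 * @param httpResponse the response the headers are added to
 * @param chain        the remaining filter chain
 * @throws IOException      propagated from the chain
 * @throws ServletException propagated from the chain
 */
private static void doHttpFilter(HttpServletRequest httpRequest, HttpServletResponse httpResponse, FilterChain chain) throws IOException, ServletException {
    // SONAR-6881 Disable OPTIONS and TRACE methods
    if (!ALLOWED_HTTP_METHODS.contains(httpRequest.getMethod())) {
        httpResponse.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
        return;
    }

    // WARNING, headers must be added before the doFilter, otherwise they won't be added when response is already committed (for instance when a WS is called)

    // Clickjacking protection
    // See https://www.owasp.org/index.php/Clickjacking_Protection_for_Java_EE
    // The protection is disabled on purpose for integration in external systems like VSTS (/integration/vsts/index.html).
    String requestUri = httpRequest.getRequestURI();
    String contextPath = httpRequest.getContextPath();
    // Remove the context path as a literal prefix. replaceFirst() interprets its
    // argument as a regular expression and replaces the first match anywhere in the
    // URI, which is looser than intended for a decision that switches a header off.
    String path = requestUri.startsWith(contextPath)
            ? requestUri.substring(contextPath.length())
            : requestUri;
    // NOTE(review): everything under /integration/ is served without X-Frame-Options;
    // keep that subtree limited to pages that are meant to be framed.
    if (!path.startsWith("/integration/")) {
        httpResponse.addHeader("X-Frame-Options", "SAMEORIGIN");
    }

    // Cross-site scripting
    // See https://www.owasp.org/index.php/List_of_useful_HTTP_headers
    // Current browsers no longer act on this header; a Content-Security-Policy is the
    // control to rely on.
    httpResponse.addHeader("X-XSS-Protection", "1; mode=block");

    // MIME-sniffing
    // See https://www.owasp.org/index.php/List_of_useful_HTTP_headers
    httpResponse.addHeader("X-Content-Type-Options", "nosniff");

    chain.doFilter(httpRequest, httpResponse);
}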
/**
 * Returns the path used for this request: the servlet path when the application has
 * a non-empty context path, the full request URI otherwise.
 *
 * The two branches are not the same form of the path: the container returns the
 * servlet path decoded, while the request URI is returned as the client sent it.
 * Comparisons made on the result should allow for that.
 *
 * @param request the incoming request
 * @return the servlet path or the request URI
 */
private String getUri(HttpServletRequest request) {
    final String contextPath = request.getContextPath();
    final boolean rootContext = contextPath == null || contextPath.isEmpty();
    return rootContext ? request.getRequestURI() : request.getServletPath();
}
} // closes the enclosing class, whose header is not part of this excerpt
/**
 * Stubs the request used by the tests: empty context path (root context) and
 * request URI "/measures".
 */
@Before
public void setUp() throws Exception {
    when(request.getRequestURI()).thenReturn("/measures");
    when(request.getContextPath()).thenReturn("");
}
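/**
 * Returns the request path relative to the context, without a leading slash, followed
 * by {@code ?} and the URL-decoded query string when the request has one.
 *
 * NOTE(review): the query string is client input. {@code URLDecoder.decode} throws
 * {@code IllegalArgumentException} on malformed percent escapes, which is not caught
 * here. After decoding, the query part can itself contain {@code ?}, {@code &} or
 * {@code =}, so the result suits matching only and must not be split back into
 * parameters.
 *
 * @param request the incoming request
 * @return the context-relative path, plus the decoded query string if any
 * @throws IllegalStateException if the UTF-8 charset name is not supported
 */
protected String extractPath(HttpServletRequest request) {
    String query = request.getQueryString();
    try {
        query = query == null ? "" : "?" + URLDecoder.decode(query, UTF_8.name());
    } catch (UnsupportedEncodingException e) {
        // Keep the cause so the original failure is not lost in the rethrow.
        throw new IllegalStateException("Cannot decode query string: " + query, e);
    }
    String path = request.getRequestURI() + query;
    String context = request.getContextPath();
    path = path.substring(context.length());
    if (path.startsWith("/")) {
        // In the root context we have to remove this as well
        path = path.substring(1);
    }
    return path;
}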