aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRam Koya <rk541m@att.com>2018-09-24 15:18:44 +0000
committerGerrit Code Review <gerrit@onap.org>2018-09-24 15:18:44 +0000
commitb2e750843b6e7b109d09fc684282b65c72bc98d7 (patch)
tree3f64d63034ec2b62e71c6030eb945f524a888012
parentca28db1f5b2b2b68b2c400fc157adabdcbd084bc (diff)
parentf3813a02bcb9ff3d0fcb9ad999e0b6221ff79cdb (diff)
Merge "Fix PublishServlet Vulnerabilities"
-rw-r--r--datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java72
1 files changed, 38 insertions, 34 deletions
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java
index 05502760..4cefdf1e 100644
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/PublishServlet.java
@@ -25,11 +25,9 @@
package org.onap.dmaap.datarouter.provisioning;
import java.io.IOException;
-import java.io.InputStream;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
-import java.util.Properties;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
@@ -98,41 +96,47 @@ public class PublishServlet extends BaseServlet {
setIpAndFqdnForEelf("doPost");
eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF, req.getHeader(BEHALF_HEADER));
redirect(req, resp);
+
}
- private void redirect(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- String[] nodes = getNodes();
- if (nodes == null || nodes.length == 0) {
- resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, "There are no nodes defined in the DR network.");
- } else {
- EventLogRecord elr = new EventLogRecord(req);
- int feedid = checkPath(req);
- if (feedid < 0) {
- String message = (feedid == -1)
- ? "Invalid request - Missing or bad feed number."
- : "Invalid request - Missing file ID.";
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_NOT_FOUND);
- eventlogger.info(elr);
-
- resp.sendError(HttpServletResponse.SC_NOT_FOUND, message);
+ private void redirect(HttpServletRequest req, HttpServletResponse resp) {
+ try {
+ String[] nodes = getNodes();
+ if (nodes == null || nodes.length == 0) {
+ resp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, "There are no nodes defined in the DR network.");
} else {
- // Generate new URL
- String nextnode = getRedirectNode(feedid, req);
- nextnode = nextnode+":"+DB.HTTPS_PORT;
- String newurl = "https://" + nextnode + "/publish" + req.getPathInfo();
- String qs = req.getQueryString();
- if (qs != null)
- newurl += "?" + qs;
-
- // Log redirect in event log
- String message = "Redirected to: "+newurl;
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_MOVED_PERMANENTLY);
- eventlogger.info(elr);
-
- resp.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
- resp.setHeader("Location", newurl);
+ EventLogRecord elr = new EventLogRecord(req);
+ int feedid = checkPath(req);
+ if (feedid < 0) {
+ String message = (feedid == -1)
+ ? "Invalid request - Missing or bad feed number."
+ : "Invalid request - Missing file ID.";
+ elr.setMessage(message);
+ elr.setResult(HttpServletResponse.SC_NOT_FOUND);
+ eventlogger.info(elr);
+
+ resp.sendError(HttpServletResponse.SC_NOT_FOUND, message);
+ } else {
+ // Generate new URL
+ String nextnode = getRedirectNode(feedid, req);
+ nextnode = nextnode + ":" + DB.HTTPS_PORT;
+ String newurl = "https://" + nextnode + "/publish" + req.getPathInfo();
+ String qs = req.getQueryString();
+ if (qs != null)
+ newurl += "?" + qs;
+
+ // Log redirect in event log
+ String message = "Redirected to: " + newurl;
+ elr.setMessage(message);
+ elr.setResult(HttpServletResponse.SC_MOVED_PERMANENTLY);
+ eventlogger.info(elr);
+
+ resp.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
+ resp.setHeader("Location", newurl);
+ }
}
+ } catch (IOException ioe) {
+ intlogger.error("IOException" + ioe.getMessage());
+
}
}
private String getRedirectNode(int feedid, HttpServletRequest req) {