Jetty CERT mitigation
This commit is contained in:
parent
5e139faf16
commit
344a762425
1 changed files with 22 additions and 3 deletions
|
|
@ -11,6 +11,10 @@ import java.io.File;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.net.MalformedURLException;
|
import java.net.MalformedURLException;
|
||||||
|
|
||||||
|
import java.lang.reflect.Method;
|
||||||
|
import java.lang.reflect.Field;
|
||||||
|
import java.lang.Class;
|
||||||
|
|
||||||
public class FileResourceHandler extends ResourceHandler {
|
public class FileResourceHandler extends ResourceHandler {
|
||||||
private static String getNormalizedPath(String p) {
|
private static String getNormalizedPath(String p) {
|
||||||
p = p.replace('\\', '/');
|
p = p.replace('\\', '/');
|
||||||
|
|
@ -44,9 +48,10 @@ public class FileResourceHandler extends ResourceHandler {
|
||||||
@Override
|
@Override
|
||||||
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
|
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
|
||||||
Resource resource;
|
Resource resource;
|
||||||
target = getNormalizedPath(target);
|
String normalizedTarget = getNormalizedPath(target);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
resource = getResource(target);
|
resource = getResource(normalizedTarget);
|
||||||
} catch(MalformedURLException ex) {
|
} catch(MalformedURLException ex) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
@ -57,6 +62,20 @@ public class FileResourceHandler extends ResourceHandler {
|
||||||
if (file == null) {
|
if (file == null) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
super.handle(target, baseRequest, request, response);
|
if(!target.equals(normalizedTarget)){
|
||||||
|
baseRequest.setRequestURI(normalizedTarget);
|
||||||
|
baseRequest.setPathInfo(normalizedTarget);
|
||||||
|
try{
|
||||||
|
Class<?> requestClass = request.getClass();
|
||||||
|
Field field = requestClass.getDeclaredField("_pathInfo");
|
||||||
|
field.setAccessible(true);
|
||||||
|
field.set(request, normalizedTarget);
|
||||||
|
} catch (Exception ignore) {
|
||||||
|
//It's unsafe to continue since these lines will be triggered by only malicious requests.
|
||||||
|
ignore.printStackTrace();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
super.handle(normalizedTarget, baseRequest, request, response);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue