From 806e8c056a9e7aea896afc5a893ff713a726e336 Mon Sep 17 00:00:00 2001
From: Mike Primm <mike@primmhome.com>
Date: Fri, 1 Jan 2021 09:21:12 -0600
Subject: [PATCH] Initial file filter code

---
 .../src/main/java/org/dynmap/DynmapCore.java  |  3 ++
 .../java/org/dynmap/web/FileNameFilter.java   | 34 +++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 DynmapCore/src/main/java/org/dynmap/web/FileNameFilter.java

diff --git a/DynmapCore/src/main/java/org/dynmap/DynmapCore.java b/DynmapCore/src/main/java/org/dynmap/DynmapCore.java
index 268062ce..8b7901f7 100644
--- a/DynmapCore/src/main/java/org/dynmap/DynmapCore.java
+++ b/DynmapCore/src/main/java/org/dynmap/DynmapCore.java
@@ -60,6 +60,7 @@ import org.dynmap.utils.BlockStep;
 import org.dynmap.utils.ImageIOManager;
 import org.dynmap.web.BanIPFilter;
 import org.dynmap.web.CustomHeaderFilter;
+import org.dynmap.web.FileNameFilter;
 import org.dynmap.web.FilterHandler;
 import org.dynmap.web.HandlerRouter;
 import org.eclipse.jetty.server.Connector;
@@ -973,6 +974,8 @@ public class DynmapCore implements DynmapCommonAPI {
         if (checkbannedips) {
             filters.add(new BanIPFilter(this));
         }
+        filters.add(new FileNameFilter(this));
+        
 //        filters.add(new LoginFilter(this));
         
         /* Load customized response headers, if any */
diff --git a/DynmapCore/src/main/java/org/dynmap/web/FileNameFilter.java b/DynmapCore/src/main/java/org/dynmap/web/FileNameFilter.java
new file mode 100644
index 00000000..cb23e42f
--- /dev/null
+++ b/DynmapCore/src/main/java/org/dynmap/web/FileNameFilter.java
@@ -0,0 +1,34 @@
+package org.dynmap.web;
+
+import org.dynmap.DynmapCore;
+import org.dynmap.Log;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import java.io.IOException;
+
+public class FileNameFilter implements Filter {
+
+    public FileNameFilter(DynmapCore core) {
+    }
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException { }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+    	String path = ((HttpServletRequest)request).getRequestURL().toString();
+    	HttpServletResponse resp = (HttpServletResponse)response;
+        // Filter unneeded file requests
+        if (path.toLowerCase().endsWith(".php")) {
+            resp.sendError(404);
+        } else {
+            chain.doFilter(request, response);
+        }
+    }
+
+    @Override
+    public void destroy() { }
+}