
Example 46 with Request

use of org.apache.catalina.connector.Request in project tomcat70 by apache.

the class TestRemoteIpValve method testInvokeAllProxiesAreTrustedAndRemoteAddrMatchRegexp.

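/**
 * Checks client-address resolution when the direct peer matches the
 * {@code internalProxies} regexp and the remaining hops listed in
 * {@code x-forwarded-for} match {@code trustedProxies}.
 *
 * <p>Expected outcome, as asserted below: the downstream valve sees the left-most
 * forwarded value as remote address and host, the trusted proxy names are moved to
 * {@code x-forwarded-by}, {@code x-forwarded-for} is consumed, and the request's own
 * remote address and host are back to their original values once {@code invoke} returns.
 *
 * <p>The two regexps are the trust boundary for this header: a peer whose address
 * matches them is believed about the client address, so patterns such as
 * {@code 192\.168\..*} should be no broader than the real proxy tier.
 */
@Test
public void testInvokeAllProxiesAreTrustedAndRemoteAddrMatchRegexp() throws Exception {
    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("127\\.0\\.0\\.1|192\\.168\\..*|another-internal-proxy");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    // The tracker valve records what the next valve in the pipeline observes during invoke().
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    // Direct peer: matches the 192\.168\..* alternative of internalProxies.
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    // The forwarding chain arrives as three separate header instances, not one comma-joined value.
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("proxy1");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("proxy2");
    // TEST
    remoteIpValve.invoke(request, null);
    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
    // After invoke() the request must report the original connection values again.
    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);
    String actualPostInvokeRemoteHost = request.getRemoteHost();
    // Message fixed: this assertion checks the host, not the address.
    Assert.assertEquals("postInvoke remoteHost", "remote-host-original-value", actualPostInvokeRemoteHost);
}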
Also used : Request(org.apache.catalina.connector.Request) Test(org.junit.Test)

Example 47 with Request

use of org.apache.catalina.connector.Request in project tomcat70 by apache.

the class TestRemoteIpValve method testInvokeAllProxiesAreInternal.

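/**
 * Checks client-address resolution when the direct peer and every proxy hop listed in
 * {@code x-forwarded-for} match the {@code internalProxies} regexp.
 *
 * <p>Expected outcome, as asserted below: the downstream valve sees the left-most
 * forwarded value as remote address and host, internal proxies are not reported in
 * {@code x-forwarded-by}, {@code x-forwarded-for} is consumed, and the request's own
 * remote address and host are back to their original values once {@code invoke} returns.
 *
 * <p>Here {@code internalProxies} lists two exact addresses rather than a range, which
 * keeps the set of peers allowed to assert a client address as small as possible.
 */
@Test
public void testInvokeAllProxiesAreInternal() throws Exception {
    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    // The tracker valve records what the next valve in the pipeline observes during invoke().
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    // Direct peer: one of the two addresses listed in internalProxies.
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    // The whole forwarding chain arrives as a single comma-separated header value.
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, 192.168.0.10, 192.168.0.11");
    // TEST
    remoteIpValve.invoke(request, null);
    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    Assert.assertNull("all proxies are internal, x-forwarded-for must be null", actualXForwardedFor);
    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    Assert.assertNull("all proxies are internal, x-forwarded-by must be null", actualXForwardedBy);
    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
    // After invoke() the request must report the original connection values again.
    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);
    String actualPostInvokeRemoteHost = request.getRemoteHost();
    // Message fixed: this assertion checks the host, not the address.
    Assert.assertEquals("postInvoke remoteHost", "remote-host-original-value", actualPostInvokeRemoteHost);
}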
Also used : Request(org.apache.catalina.connector.Request) Test(org.junit.Test)

Example 48 with Request

use of org.apache.catalina.connector.Request in project tomcat70 by apache.

the class TestCrawlerSessionManagerValve method createRequestExpectations.

/**
 * Records, on a fresh EasyMock {@code Request}, the calls the valve under test is
 * expected to make. The mock is returned in record state; the caller replays it.
 *
 * @param ip      value the mock returns from {@code getRemoteAddr()}
 * @param session value returned by a second {@code getSession(false)} call; only
 *                recorded when {@code isBot} is true
 * @param isBot   whether a second {@code getSession(false)} answer is recorded
 * @return the mock request with its expectations recorded
 */
private Request createRequestExpectations(String ip, HttpSession session, boolean isBot) {
    Request mockRequest = EasyMock.createMock(Request.class);

    // Client address the valve will match against its crawler patterns.
    EasyMock.expect(mockRequest.getRemoteAddr()).andReturn(ip);

    // First lookup of an existing session always yields none.
    IExpectationSetters<HttpSession> sessionLookup =
            EasyMock.expect(mockRequest.getSession(false)).andReturn(null);
    if (isBot) {
        // A crawler request is expected to look the session up once more and find it.
        sessionLookup.andReturn(session);
    }

    // No user-agent header at all, so the address is the only thing left to match on.
    EasyMock.expect(mockRequest.getHeaders("user-agent"))
            .andReturn(Collections.enumeration(Collections.<String>emptyList()));

    return mockRequest;
}
Also used : HttpSession(javax.servlet.http.HttpSession) Request(org.apache.catalina.connector.Request)

Example 49 with Request

use of org.apache.catalina.connector.Request in project tomcat70 by apache.

the class TestCrawlerSessionManagerValve method testCrawlerIpsNegative.

/**
 * Negative case for crawler detection by address: the request comes from 127.0.0.1
 * while the only configured crawler IP pattern is 216.58.206.174, so the non-bot
 * expectations recorded by the helper methods must be exactly what the valve does.
 */
@Test
public void testCrawlerIpsNegative() throws Exception {
    CrawlerSessionManagerValve crawlerValve = new CrawlerSessionManagerValve();
    // Dots are escaped so the pattern matches this one literal address only.
    crawlerValve.setCrawlerIps("216\\.58\\.206\\.174");
    Valve downstream = EasyMock.createMock(Valve.class);
    crawlerValve.setNext(downstream);

    // Both helpers are called with isBot == false.
    HttpSession httpSession = createSessionExpectations(crawlerValve, false);
    Request nonCrawlerRequest = createRequestExpectations("127.0.0.1", httpSession, false);
    EasyMock.replay(nonCrawlerRequest, httpSession);

    Response mockResponse = EasyMock.createMock(Response.class);
    crawlerValve.invoke(nonCrawlerRequest, mockResponse);

    // Fails if the valve skipped any of the recorded calls on either mock.
    EasyMock.verify(nonCrawlerRequest, httpSession);
}
Also used : Response(org.apache.catalina.connector.Response) HttpSession(javax.servlet.http.HttpSession) Request(org.apache.catalina.connector.Request) Valve(org.apache.catalina.Valve) Test(org.junit.Test)

Example 50 with Request

use of org.apache.catalina.connector.Request in project tomcat70 by apache.

the class SSIServletExternalResolver method getCGIVariable.

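/**
 * Resolves a CGI-style variable name (for example {@code REMOTE_ADDR} or
 * {@code HTTP_USER_AGENT}) to a value taken from the current request or context.
 *
 * <p>The name is upper-cased and split on {@code '_'}. Each recognised variable has a
 * fixed number of parts; a name that starts like a recognised variable but carries
 * extra or missing parts yields {@code null}.
 *
 * <p>Several of the returned values are supplied by the client and are passed through
 * unchanged: the {@code HTTP_*} headers, {@code QUERY_STRING},
 * {@code QUERY_STRING_UNESCAPED} (percent-decoded), {@code REQUEST_URI},
 * {@code DOCUMENT_*} and {@code UNIQUE_ID} (the session id the client requested).
 * Code that writes them into a response has to encode them for the output context.
 *
 * @param name the variable name; must not be {@code null}
 * @return the variable's value, or {@code null} if the name is not recognised, has the
 *         wrong number of parts, or the request has no value for it
 */
protected String getCGIVariable(String name) {
    String retVal = null;
    String[] nameParts = name.toUpperCase(Locale.ENGLISH).split("_");
    // A name consisting only of underscores splits into zero parts; without this
    // guard the nameParts[0] lookups below throw ArrayIndexOutOfBoundsException.
    if (nameParts.length == 0) {
        return null;
    }
    // Number of parts the matched variable must have; checked once at the end.
    int requiredParts = 2;
    if (nameParts.length == 1) {
        if (nameParts[0].equals("PATH")) {
            requiredParts = 1;
        }
    } else if (nameParts[0].equals("AUTH")) {
        if (nameParts[1].equals("TYPE")) {
            retVal = req.getAuthType();
        }
    } else if (nameParts[0].equals("CONTENT")) {
        if (nameParts[1].equals("LENGTH")) {
            int contentLength = req.getContentLength();
            // A negative length means "unknown"; leave the variable unset.
            if (contentLength >= 0) {
                retVal = Integer.toString(contentLength);
            }
        } else if (nameParts[1].equals("TYPE")) {
            retVal = req.getContentType();
        }
    } else if (nameParts[0].equals("DOCUMENT")) {
        if (nameParts[1].equals("NAME")) {
            // Last path segment of the request URI.
            String requestURI = req.getRequestURI();
            retVal = requestURI.substring(requestURI.lastIndexOf('/') + 1);
        } else if (nameParts[1].equals("URI")) {
            retVal = req.getRequestURI();
        }
    } else if (name.equalsIgnoreCase("GATEWAY_INTERFACE")) {
        retVal = "CGI/1.1";
    } else if (nameParts[0].equals("HTTP")) {
        if (nameParts[1].equals("ACCEPT")) {
            String accept = null;
            if (nameParts.length == 2) {
                accept = "Accept";
            } else if (nameParts[2].equals("ENCODING")) {
                requiredParts = 3;
                accept = "Accept-Encoding";
            } else if (nameParts[2].equals("LANGUAGE")) {
                requiredParts = 3;
                accept = "Accept-Language";
            }
            if (accept != null) {
                // Repeated header instances are joined into one comma-separated value.
                Enumeration<String> acceptHeaders = req.getHeaders(accept);
                if (acceptHeaders != null && acceptHeaders.hasMoreElements()) {
                    StringBuilder rv = new StringBuilder(acceptHeaders.nextElement());
                    while (acceptHeaders.hasMoreElements()) {
                        rv.append(", ");
                        rv.append(acceptHeaders.nextElement());
                    }
                    retVal = rv.toString();
                }
            }
        } else if (nameParts[1].equals("CONNECTION")) {
            retVal = req.getHeader("Connection");
        } else if (nameParts[1].equals("HOST")) {
            retVal = req.getHeader("Host");
        } else if (nameParts[1].equals("REFERER")) {
            retVal = req.getHeader("Referer");
        } else if (nameParts[1].equals("USER")) {
            if (nameParts.length == 3 && nameParts[2].equals("AGENT")) {
                requiredParts = 3;
                retVal = req.getHeader("User-Agent");
            }
        }
    } else if (nameParts[0].equals("PATH")) {
        if (nameParts[1].equals("INFO")) {
            retVal = req.getPathInfo();
        } else if (nameParts[1].equals("TRANSLATED")) {
            retVal = req.getPathTranslated();
        }
    } else if (nameParts[0].equals("QUERY")) {
        if (nameParts[1].equals("STRING")) {
            String queryString = req.getQueryString();
            if (nameParts.length == 2) {
                // apache displays this as an empty string rather than (none)
                retVal = nullToEmptyString(queryString);
            } else if (nameParts[2].equals("UNESCAPED")) {
                requiredParts = 3;
                if (queryString != null) {
                    String uriEncoding = null;
                    boolean useBodyEncodingForURI = false;
                    // Get encoding settings from request / connector if
                    // possible
                    String requestEncoding = req.getCharacterEncoding();
                    if (req instanceof Request) {
                        Connector connector = ((Request) req).getConnector();
                        uriEncoding = connector.getURIEncoding();
                        useBodyEncodingForURI = connector.getUseBodyEncodingForURI();
                    }
                    String queryStringEncoding;
                    // If valid, apply settings from request / connector
                    if (useBodyEncodingForURI && requestEncoding != null) {
                        queryStringEncoding = requestEncoding;
                    } else if (uriEncoding != null) {
                        queryStringEncoding = uriEncoding;
                    } else {
                        // Use default as a last resort
                        queryStringEncoding = Constants.DEFAULT_CHARACTER_ENCODING;
                    }
                    try {
                        retVal = URLDecoder.decode(queryString, queryStringEncoding);
                    } catch (UnsupportedEncodingException e) {
                        // Unknown charset name: hand back the still-encoded string.
                        retVal = queryString;
                    } catch (IllegalArgumentException e) {
                        // The query string is client-supplied and may contain a
                        // malformed %-escape, which URLDecoder rejects; fall back to
                        // the still-encoded string instead of failing the request.
                        retVal = queryString;
                    }
                }
            }
        }
    } else if (nameParts[0].equals("REMOTE")) {
        if (nameParts[1].equals("ADDR")) {
            retVal = req.getRemoteAddr();
        } else if (nameParts[1].equals("HOST")) {
            retVal = req.getRemoteHost();
        } else if (nameParts[1].equals("IDENT")) {
            // Not implemented
        } else if (nameParts[1].equals("PORT")) {
            retVal = Integer.toString(req.getRemotePort());
        } else if (nameParts[1].equals("USER")) {
            retVal = req.getRemoteUser();
        }
    } else if (nameParts[0].equals("REQUEST")) {
        if (nameParts[1].equals("METHOD")) {
            retVal = req.getMethod();
        } else if (nameParts[1].equals("URI")) {
            // If this is an error page, get the original URI
            retVal = (String) req.getAttribute(RequestDispatcher.FORWARD_REQUEST_URI);
            if (retVal == null) {
                retVal = req.getRequestURI();
            }
        }
    } else if (nameParts[0].equals("SCRIPT")) {
        String scriptName = req.getServletPath();
        if (nameParts[1].equals("FILENAME")) {
            // Resolves to a path on the server's file system.
            retVal = context.getRealPath(scriptName);
        } else if (nameParts[1].equals("NAME")) {
            retVal = scriptName;
        }
    } else if (nameParts[0].equals("SERVER")) {
        if (nameParts[1].equals("ADDR")) {
            retVal = req.getLocalAddr();
        } else if (nameParts[1].equals("NAME")) {
            retVal = req.getServerName();
        } else if (nameParts[1].equals("PORT")) {
            retVal = Integer.toString(req.getServerPort());
        } else if (nameParts[1].equals("PROTOCOL")) {
            retVal = req.getProtocol();
        } else if (nameParts[1].equals("SOFTWARE")) {
            // Server info plus JVM name/version and OS name; this discloses the
            // platform to whoever can read the rendered value.
            StringBuilder rv = new StringBuilder(context.getServerInfo());
            rv.append(" ");
            rv.append(System.getProperty("java.vm.name"));
            rv.append("/");
            rv.append(System.getProperty("java.vm.version"));
            rv.append(" ");
            rv.append(System.getProperty("os.name"));
            retVal = rv.toString();
        }
    } else if (name.equalsIgnoreCase("UNIQUE_ID")) {
        // This is the session id named in the request, as sent by the client.
        retVal = req.getRequestedSessionId();
    }
    // Reject names with surplus or missing parts, e.g. AUTH_TYPE_X or HTTP_USER.
    if (requiredParts != nameParts.length) {
        return null;
    }
    return retVal;
}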
Also used : Connector(org.apache.catalina.connector.Connector) Enumeration(java.util.Enumeration) Request(org.apache.catalina.connector.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest) UnsupportedEncodingException(java.io.UnsupportedEncodingException)
