Examples with OLATSecurityException org.olat.core.logging.OLATSecurityException used on opensource projects

Search in sources :

Example 16 with OLATSecurityException

use of org.olat.core.logging.OLATSecurityException in project openolat by klemens.

the class GlobalMapperRegistry method execute.

/**
 * @param hreq
 * @param hres
 */
@Override
public void execute(HttpServletRequest hreq, HttpServletResponse hres) throws IOException {
    String pathInfo = DispatcherModule.subtractContextPath(hreq);
    // e.g. 23423/bla/blu.html
    String subInfo = pathInfo.substring(DispatcherModule.PATH_GLOBAL_MAPPED.length());
    int slashPos = subInfo.indexOf('/');
    if (slashPos == -1) {
        DispatcherModule.sendNotFound("not found", hres);
        return;
    }
    // smappath e.g. org.olat.demo.DemoController
    String smappath = subInfo.substring(0, slashPos);
    Mapper m = pathToMapper.get(smappath);
    MediaResource mr;
    if (m == null) {
        // not mapped
        mr = NOTFOUND;
    } else {
        String mod = subInfo.substring(slashPos);
        // brasato:: can this happen at all, or does tomcat filter out - till now never reached - needs some little cpu cycles
        if (mod.indexOf("..") != -1)
            throw new OLATSecurityException("mapper path contained '..' : " + mod);
        // /bla/blu.html
        mr = m.handle(mod, hreq);
    }
    ServletUtil.serveResource(hreq, hres, mr);
}
Also used : OLATSecurityException(org.olat.core.logging.OLATSecurityException) MediaResource(org.olat.core.gui.media.MediaResource) NotFoundMediaResource(org.olat.core.gui.media.NotFoundMediaResource)

Aggregations

OLATSecurityException (org.olat.core.logging.OLATSecurityException)16 CloseableModalController (org.olat.core.gui.control.generic.closablewrapper.CloseableModalController)10 RepositoryEntry (org.olat.repository.RepositoryEntry)6 MediaResource (org.olat.core.gui.media.MediaResource)4 ConfirmDeleteSoftlyController (org.olat.repository.ui.author.ConfirmDeleteSoftlyController)4 List (java.util.List)2 Authentication (org.olat.basesecurity.Authentication)2 LayoutMain3ColsController (org.olat.core.commons.fullWebApp.LayoutMain3ColsController)2 FolderRunController (org.olat.core.commons.modules.bc.FolderRunController)2 GlossaryMainController (org.olat.core.commons.modules.glossary.GlossaryMainController)2 UserRequest (org.olat.core.gui.UserRequest)2 UserRequestImpl (org.olat.core.gui.UserRequestImpl)2 ChiefController (org.olat.core.gui.control.ChiefController)2 Controller (org.olat.core.gui.control.Controller)2 VetoableCloseController (org.olat.core.gui.control.VetoableCloseController)2 CloseableCalloutWindowController (org.olat.core.gui.control.generic.closablewrapper.CloseableCalloutWindowController)2 Activateable2 (org.olat.core.gui.control.generic.dtabs.Activateable2)2 NotFoundMediaResource (org.olat.core.gui.media.NotFoundMediaResource)2 RedirectMediaResource (org.olat.core.gui.media.RedirectMediaResource)2 Identity (org.olat.core.id.Identity)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial