Search in sources :

Example 1 with BadRequestException

use of org.webpieces.router.api.exceptions.BadRequestException in project webpieces by deanhiller.

the class ServiceProxy method parseBodyFromContentType.

private void parseBodyFromContentType(Route route, RequestContext ctx, BodyContentBinder bodyContentBinder) {
    RouterRequest req = ctx.getRequest();
    if (bodyContentBinder != null)
        //A route that defines the content gets to override the content type header so just return
        return;
    if (req.contentLengthHeaderValue == null)
        return;
    if (req.contentTypeHeaderValue == null) {
        log.info("Incoming content length was specified, but no contentType was(We will not parse the body).  req=" + req);
        return;
    }
    BodyParser parser = requestBodyParsers.lookup(req.contentTypeHeaderValue);
    if (parser == null) {
        log.error("Incoming content length was specified but content type was not 'application/x-www-form-urlencoded'(We will not parse body).  req=" + req);
        return;
    }
    DataWrapper body = req.body;
    Charset encoding = config.getDefaultFormAcceptEncoding();
    parser.parse(body, req, encoding);
    if (config.isTokenCheckOn() && route.isCheckSecureToken()) {
        String token = ctx.getSession().get(SessionImpl.SECURE_TOKEN_KEY);
        List<String> formToken = req.multiPartFields.get(RequestContext.SECURE_TOKEN_FORM_NAME);
        if (formToken == null)
            throw new BadRequestException("missing form token(or route added without setting checkToken variable to false)" + "...someone posting form without getting it first(hacker or otherwise) OR " + "you are not using the #{form}# tag or the #{secureToken}# tag to secure your forms");
        else if (!token.equals(formToken.get(0)))
            throw new BadRequestException("bad form token...someone posting form with invalid token(hacker or otherwise)");
    }
}
Also used : DataWrapper(org.webpieces.data.api.DataWrapper) BodyParser(org.webpieces.router.impl.body.BodyParser) Charset(java.nio.charset.Charset) BadRequestException(org.webpieces.router.api.exceptions.BadRequestException) RouterRequest(org.webpieces.ctx.api.RouterRequest)

Aggregations

Charset (java.nio.charset.Charset)1 RouterRequest (org.webpieces.ctx.api.RouterRequest)1 DataWrapper (org.webpieces.data.api.DataWrapper)1 BadRequestException (org.webpieces.router.api.exceptions.BadRequestException)1 BodyParser (org.webpieces.router.impl.body.BodyParser)1