GitHub-Spring
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Decode static resource path with UriUtils 

See gh-33859
pull/33871/head
rstoyanchev 1 year ago
parent
9dabfdf0bf
commit
cbe2f36106
2 changed files with 25 additions and 24 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 24
      spring-webflux/src/main/java/org/springframework/web/reactive/resource/ResourceHandlerUtils.java
  2. 25
      spring-webmvc/src/main/java/org/springframework/web/servlet/resource/ResourceHandlerUtils.java

24
spring-webflux/src/main/java/org/springframework/web/reactive/resource/ResourceHandlerUtils.java
Unescape View File

@ -196,23 +196,23 @@ public abstract class ResourceHandlerUtils { @@ -196,23 +196,23 @@ public abstract class ResourceHandlerUtils {
}
private static boolean isInvalidEncodedPath(String path) {
if (path.contains("%")) {
String decodedPath = decode(path);
if (decodedPath.contains("%")) {
decodedPath = decode(decodedPath);
}
if (isInvalidPath(decodedPath)) {
return true;
}
decodedPath = normalizeInputPath(decodedPath);
return isInvalidPath(decodedPath);
String decodedPath = decode(path);
if (decodedPath.contains("%")) {
decodedPath = decode(decodedPath);
}
return false;
if (!StringUtils.hasText(decodedPath)) {
return true;
}
if (isInvalidPath(decodedPath)) {
return true;
}
decodedPath = normalizeInputPath(decodedPath);
return isInvalidPath(decodedPath);
}
private static String decode(String path) {
try {
return URLDecoder.decode(path, StandardCharsets.UTF_8);
return UriUtils.decode(path, StandardCharsets.UTF_8);
}
catch (Exception ex) {
return "";

25
spring-webmvc/src/main/java/org/springframework/web/servlet/resource/ResourceHandlerUtils.java
Unescape View File

@ -32,6 +32,7 @@ import org.springframework.util.Assert; @@ -32,6 +32,7 @@ import org.springframework.util.Assert;
import org.springframework.util.ResourceUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.context.support.ServletContextResource;
import org.springframework.web.util.UriUtils;
/**
* Resource handling utility methods to share common logic between
@ -201,23 +202,23 @@ public abstract class ResourceHandlerUtils { @@ -201,23 +202,23 @@ public abstract class ResourceHandlerUtils {
* @return {@code true} if the path is invalid, {@code false} otherwise
*/
private static boolean isInvalidEncodedPath(String path) {
if (path.contains("%")) {
String decodedPath = decode(path);
if (decodedPath.contains("%")) {
decodedPath = decode(decodedPath);
}
if (isInvalidPath(decodedPath)) {
return true;
}
decodedPath = normalizeInputPath(decodedPath);
return isInvalidPath(decodedPath);
String decodedPath = decode(path);
if (decodedPath.contains("%")) {
decodedPath = decode(decodedPath);
}
return false;
if (!StringUtils.hasText(decodedPath)) {
return true;
}
if (isInvalidPath(decodedPath)) {
return true;
}
decodedPath = normalizeInputPath(decodedPath);
return isInvalidPath(decodedPath);
}
private static String decode(String path) {
try {
return URLDecoder.decode(path, StandardCharsets.UTF_8);
return UriUtils.decode(path, StandardCharsets.UTF_8);
}
catch (Exception ex) {
return "";

Write Preview
Loading…
Cancel
Save