You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@usergrid.apache.org by sn...@apache.org on 2015/07/30 20:44:39 UTC

[16/35] incubator-usergrid git commit: Ensure that the input application name does not contain characters that can be used to inject malicious content.

Ensure that the input application name does not contain characters that can be used to inject malicious content.


Project: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/commit/e4c4dbd6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/tree/e4c4dbd6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/diff/e4c4dbd6

Branch: refs/heads/ug2-doc-update
Commit: e4c4dbd66ebb4f4fb61d40a302a7ce200943c1ad
Parents: b9af09e
Author: arun.ram <ar...@spartasystems.com>
Authored: Tue Jul 7 11:17:30 2015 -0400
Committer: arun.ram <ar...@spartasystems.com>
Committed: Tue Jul 7 11:17:30 2015 -0400

----------------------------------------------------------------------
 .../usergrid/rest/organizations/OrganizationResource.java    | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/e4c4dbd6/stack/rest/src/main/java/org/apache/usergrid/rest/organizations/OrganizationResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/organizations/OrganizationResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/organizations/OrganizationResource.java
index 99497d7..b7acf16 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/organizations/OrganizationResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/organizations/OrganizationResource.java
@@ -125,7 +125,7 @@ public class OrganizationResource extends AbstractContextResource {
     }
 
 
-    @Path("{applicationName}")
+    @Path("{applicationName: [^<>/]+}")
     public ApplicationResource getApplicationByName( @PathParam("applicationName") String applicationName )
             throws Exception {
 
@@ -143,21 +143,21 @@ public class OrganizationResource extends AbstractContextResource {
     }
 
 
-    @Path("applications/{applicationName}")
+    @Path("applications/{applicationName: [^<>/]+}")
     public ApplicationResource getApplicationByName2( @PathParam("applicationName") String applicationName )
             throws Exception {
         return getApplicationByName( applicationName );
     }
 
 
-    @Path("apps/{applicationName}")
+    @Path("apps/{applicationName: [^<>/]+}")
     public ApplicationResource getApplicationByName3( @PathParam("applicationName") String applicationName )
             throws Exception {
         return getApplicationByName( applicationName );
     }
 
 
-    @Path("a/{applicationName}")
+    @Path("a/{applicationName: [^<>/]+}")
     public ApplicationResource getApplicationByName4( @PathParam("applicationName") String applicationName )
             throws Exception {
         return getApplicationByName( applicationName );