Posted to commits@sling.apache.org by ro...@apache.org on 2017/11/07 10:12:39 UTC
[sling-org-apache-sling-security] 01/20: SLING-2141 - Add a way to
check the referrer for modification requests
This is an automated email from the ASF dual-hosted git repository.
rombert pushed a commit to annotated tag org.apache.sling.security-1.0.0
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-security.git
commit 039593ae0710c82039dac5a867d8514bf83a528e
Author: Carsten Ziegeler <cz...@apache.org>
AuthorDate: Thu Jul 14 13:42:34 2011 +0000
SLING-2141 - Add a way to check the referrer for modification requests
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/security@1146709 13f79535-47bb-0310-9956-ffa450edef68
---
pom.xml | 98 +++++++++++++
.../apache/sling/security/impl/ReferrerFilter.java | 159 +++++++++++++++++++++
.../OSGI-INF/metatype/metatype.properties | 35 +++++
3 files changed, 292 insertions(+)
diff --git a/pom.xml b/pom.xml
new file mode 100644
index 0000000..84adade
--- /dev/null
+++ b/pom.xml
@@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>sling</artifactId>
+ <version>10</version>
+ </parent>
+
+ <artifactId>org.apache.sling.security</artifactId>
+ <version>0.5.0-SNAPSHOT</version>
+ <packaging>bundle</packaging>
+
+ <name>Apache Sling Security</name>
+ <description>
+ The Apache Sling Security module.
+ </description>
+
+ <scm>
+ <connection>scm:svn:http://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/security</connection>
+ <developerConnection>scm:svn:https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/security</developerConnection>
+ <url>http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/security</url>
+ </scm>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-scr-plugin</artifactId>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>maven-sling-plugin</artifactId>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ <extensions>true</extensions>
+ <configuration>
+ <instructions>
+ <Bundle-Category>sling</Bundle-Category>
+ <Private-Package>
+ org.apache.sling.security.impl
+ </Private-Package>
+ </instructions>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.commons.osgi</artifactId>
+ <version>2.0.6</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.scr.annotations</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.core</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.compendium</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </dependency>
+ </dependencies>
+</project>
diff --git a/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java b/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
new file mode 100644
index 0000000..caf935d
--- /dev/null
+++ b/src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
@@ -0,0 +1,159 @@
+/*
+ * Copyright 1997-2011 Day Management AG
+ * Barfuesserplatz 6, 4001 Basel, Switzerland
+ * All Rights Reserved.
+ *
+ * This software is the confidential and proprietary information of
+ * Day Management AG, ("Confidential Information"). You shall not
+ * disclose such Confidential Information and shall use it only in
+ * accordance with the terms of the license agreement you entered into
+ * with Day.
+ */
+package org.apache.sling.security.impl;
+
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.felix.scr.annotations.Property;
+import org.apache.felix.scr.annotations.PropertyUnbounded;
+import org.apache.felix.scr.annotations.sling.SlingFilter;
+import org.apache.felix.scr.annotations.sling.SlingFilterScope;
+import org.apache.sling.commons.osgi.OsgiUtil;
+import org.osgi.service.component.ComponentContext;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@SlingFilter(order=-100000,scope=SlingFilterScope.REQUEST,metatype=true,
+ description="%referrer.description",
+ label="%referrer.name")
+public class ReferrerFilter implements Filter {
+
+ private static final boolean DEFAULT_ALLOW_EMPTY = true;
+
+ @Property(boolValue=DEFAULT_ALLOW_EMPTY)
+ private static final String PROP_ALLOW_EMPTY = "allow.empty";
+
+ @Property(unbounded=PropertyUnbounded.ARRAY)
+ private static final String PROP_HOSTS = "allow.hosts";
+
+ private boolean allowEmpty;
+
+ private String[] allowHosts;
+
+ /**
+ * Activate
+ */
+ protected void activate(final ComponentContext ctx) {
+ this.allowEmpty = OsgiUtil.toBoolean(ctx.getProperties().get(PROP_ALLOW_EMPTY), DEFAULT_ALLOW_EMPTY);
+ this.allowHosts = OsgiUtil.toStringArray(ctx.getProperties().get(PROP_HOSTS));
+ if ( this.allowHosts != null ) {
+ if ( this.allowHosts.length == 0 ) {
+ this.allowHosts = null;
+ } else if ( this.allowHosts.length == 1 && this.allowHosts[0].trim().length() == 0 ) {
+ this.allowHosts = null;
+ }
+ }
+ }
+
+ /** Logger. */
+ private final Logger logger = LoggerFactory.getLogger(this.getClass());
+
+ private boolean isModification(final HttpServletRequest req) {
+ final String method = req.getMethod();
+ if ("POST".equals(method)) {
+ return true;
+ } else if ("PUT".equals(method)) {
+ return true;
+ } else if ("DELETE".equals(method)) {
+ return true;
+ }
+ return false;
+ }
+
+ public void doFilter(final ServletRequest req,
+ final ServletResponse res,
+ final FilterChain chain)
+ throws IOException, ServletException {
+ if ( req instanceof HttpServletRequest && res instanceof HttpServletResponse ) {
+ final HttpServletRequest request = (HttpServletRequest)req;
+
+ // is this a modification request
+ if ( this.isModification(request) ) {
+ if ( !this.isValidRequest(request) ) {
+ final HttpServletResponse response = (HttpServletResponse)res;
+ // we use 500
+ response.sendError(500);
+ return;
+ }
+ }
+ }
+ chain.doFilter(req, res);
+ }
+
+ private boolean isValidRequest(final HttpServletRequest request) {
+ final String referrer = request.getHeader("referer");
+ // check for missing/empty referrer
+ if ( referrer == null || referrer.trim().length() == 0 ) {
+ if ( !this.allowEmpty ) {
+ this.logger.info("Rejected empty referrer header for {} request to {}", request.getMethod(), request.getRequestURI());
+ }
+ return this.allowEmpty;
+ }
+ // check for relative referrer - which is always allowed
+ if ( referrer.indexOf(":/") == - 1 ) {
+ return true;
+ }
+ final URI uri;
+ try {
+ uri = new URI(referrer);
+ } catch (URISyntaxException e) {
+ // if this is invalid we just return invalid
+ this.logger.info("Rejected illegal referrer header for {} request to {} : {}",
+ new Object[] {request.getMethod(), request.getRequestURI(), referrer});
+ return false;
+ }
+ final String host = uri.getHost();
+ final boolean valid;
+ if ( this.allowHosts == null ) {
+ valid = host.equals(request.getServerName());
+ } else {
+ boolean flag = false;
+ for(final String allowHost : this.allowHosts) {
+ if ( host.equals(allowHost) ) {
+ flag = true;
+ break;
+ }
+ }
+ valid = flag;
+ }
+ if ( !valid) {
+ this.logger.info("Rejected referrer header for {} request to {} : {}",
+ new Object[] {request.getMethod(), request.getRequestURI(), referrer});
+ }
+ return valid;
+ }
+
+ /**
+ * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
+ */
+ public void init(FilterConfig arg0) throws ServletException {
+ // nothing to do
+ }
+
+ /**
+ * @see javax.servlet.Filter#destroy()
+ */
+ public void destroy() {
+ // nothing to do
+ }
+}
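Review bot: `uri.getHost()` can return null for a syntactically valid referrer that has no authority (an opaque or path-only URI still containing ":/"), so `host.equals(request.getServerName())` and `host.equals(allowHost)` in isValidRequest throw a NullPointerException instead of rejecting the request; guard it before the comparison, `if ( host == null ) { this.logger.info("Rejected referrer header without host for {} request to {} : {}", new Object[] {request.getMethod(), request.getRequestURI(), referrer}); return false; }`. Host names are case-insensitive, so the comparisons against `getServerName()` and the configured `allow.hosts` entries should use `equalsIgnoreCase`, and the entries should be trimmed in activate() the way the single-empty-entry case already is. The `indexOf(":/") == -1` test is a heuristic for "relative referrer" rather than a parse; the comment should say that and the allow-relative decision should be documented on the filter class. Finally, the `// we use 500` comment gives no reason — a rejected referrer is a client-side authorization failure, so 403 is the expected status; if 500 is deliberate, the comment should say why.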
diff --git a/src/main/resources/OSGI-INF/metatype/metatype.properties b/src/main/resources/OSGI-INF/metatype/metatype.properties
new file mode 100644
index 0000000..b79a686
--- /dev/null
+++ b/src/main/resources/OSGI-INF/metatype/metatype.properties
@@ -0,0 +1,35 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+#
+# This file contains localization strings for configuration labels and
+# descriptions as used in the metatype.xml descriptor generated by the
+# the SCR plugin
+
+#
+# Referrer Filter
+referrer.name = Apache Sling Referrer Filter
+referrer.description = Request filter checking the referrer of modification requests.
+
+allow.empty.name = Allow Empty
+allow.empty.description = Allow an empty or missing referrer
+
+allow.hosts.name = Allow Hosts
+allow.hosts.description = List of allowed hosts for the referrer. IF this is empty only the server\
+ host is allowed.