Bugzilla – Attachment 233975 Details for Bug 413668: Cross Site Request Forgery vulnerability (aka CSRF/XSRF)
[patch] Patch for backporting to 2.1 maintenance branch

Filename: Add-content-type-check-before-processing-the-POST-re.patch
MIME Type: text/plain
Creator: Ivan Furnadjiev
Created: 2013-07-31 08:14:51 EDT
Size: 4.13 KB
Attachment flags: patch, obsolete
>diff --git a/bundles/org.eclipse.rap.rwt/src/org/eclipse/rap/rwt/internal/service/LifeCycleServiceHandler.java b/bundles/org.eclipse.rap.rwt/src/org/eclipse/rap/rwt/internal/service/LifeCycleServiceHandler.java >index 78b0483..0203b72 100644 >--- a/bundles/org.eclipse.rap.rwt/src/org/eclipse/rap/rwt/internal/service/LifeCycleServiceHandler.java >+++ b/bundles/org.eclipse.rap.rwt/src/org/eclipse/rap/rwt/internal/service/LifeCycleServiceHandler.java >@@ -104,7 +104,9 @@ > throws IOException > { > setJsonResponseHeaders( response ); >- if( isSessionShutdown() ) { >+ if( !isContentTypeValid( request ) ) { >+ writeInvalidContentType( response ); >+ } else if( isSessionShutdown() ) { > shutdownUISession(); > } else if( isSessionTimeout() ) { > writeSessionTimeoutError( response ); >@@ -159,6 +161,11 @@ > return sentRequestId != null && sentRequestId.asInt() == currentRequestId - 1; > } > >+ private static boolean isContentTypeValid( ServletRequest request ) { >+ String contentType = request.getContentType(); >+ return contentType != null && contentType.startsWith( HTTP.CONTENT_TYPE_JSON ); >+ } >+ > private static void shutdownUISession() { > UISessionImpl uiSession = ( UISessionImpl )ContextProvider.getUISession(); > uiSession.shutdown(); >@@ -176,6 +183,11 @@ > writeError( response, HttpServletResponse.SC_FORBIDDEN, errorType ); > } > >+ private static void writeInvalidContentType( HttpServletResponse response ) throws IOException { >+ String errorType = "invalid content type"; >+ writeError( response, HttpServletResponse.SC_BAD_REQUEST, errorType ); >+ } >+ > private static void writeError( HttpServletResponse response, > int statusCode, > String errorType ) throws IOException >diff --git a/tests/org.eclipse.rap.rwt.test/src/org/eclipse/rap/rwt/internal/service/LifeCycleServiceHandler_Test.java b/tests/org.eclipse.rap.rwt.test/src/org/eclipse/rap/rwt/internal/service/LifeCycleServiceHandler_Test.java >index b51ec8f..827adfd 100644 
>--- a/tests/org.eclipse.rap.rwt.test/src/org/eclipse/rap/rwt/internal/service/LifeCycleServiceHandler_Test.java >+++ b/tests/org.eclipse.rap.rwt.test/src/org/eclipse/rap/rwt/internal/service/LifeCycleServiceHandler_Test.java >@@ -350,6 +350,19 @@ > } > > @Test >+ public void testHandlesInvalidRequestContentType() throws IOException { >+ simulateUiRequestWithIllegalContentType(); >+ >+ service( new LifeCycleServiceHandler( getLifeCycleFactory(), mockStartupPage() ) ); >+ >+ TestResponse response = getResponse(); >+ assertEquals( HttpServletResponse.SC_BAD_REQUEST, response.getStatus() ); >+ Message message = getMessageFromResponse(); >+ assertEquals( "invalid content type", message.getError() ); >+ assertEquals( 0, message.getOperationCount() ); >+ } >+ >+ @Test > public void testSendBufferedResponse() throws IOException { > LifeCycleServiceHandler.markSessionStarted(); > simulateUiRequest(); >@@ -444,6 +457,13 @@ > request.setServletPath( "/test" ); > } > >+ private void simulateUiRequestWithIllegalContentType() { >+ Fixture.fakeNewRequest(); >+ TestRequest request = ( TestRequest )ContextProvider.getRequest(); >+ request.setContentType( "text/plain" ); >+ request.setServletPath( "/test" ); >+ } >+ > private static LifeCycleFactory mockLifeCycleFactory() { > LifeCycle lifecycle = mock( LifeCycle.class ); > LifeCycleFactory lifeCycleFactory = mock( LifeCycleFactory.class ); >diff --git a/tests/org.eclipse.rap.rwt.testfixture/src/org/eclipse/rap/rwt/testfixture/Fixture.java b/tests/org.eclipse.rap.rwt.testfixture/src/org/eclipse/rap/rwt/testfixture/Fixture.java >index f4f12f9..0c8dd39 100644 >--- a/tests/org.eclipse.rap.rwt.testfixture/src/org/eclipse/rap/rwt/testfixture/Fixture.java >+++ b/tests/org.eclipse.rap.rwt.testfixture/src/org/eclipse/rap/rwt/testfixture/Fixture.java 
>@@ -326,6 +326,7 @@ > > public static TestRequest fakeNewRequest() { > TestRequest request = createNewRequest( HTTP.METHOD_POST ); >+ request.setContentType( HTTP.CONTENT_TYPE_JSON ); > request.setBody( createEmptyMessage() ); > createNewServiceContext( request, new TestResponse() ); > fakeResponseWriter();
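Review bot: the new `if( !isContentTypeValid( request ) )` branch in the first LifeCycleServiceHandler hunk carries no comment explaining why a Content-Type check mitigates CSRF, so it reads as an unrelated validation step. A one-line comment at that branch stating the rationale (a cross-site HTML form can only submit `application/x-www-form-urlencoded`, `multipart/form-data` or `text/plain`, and a browser will not send a JSON Content-Type cross-origin without a CORS preflight) and referencing bug 413668 would record this for the next maintainer. Placing the check ahead of `isSessionShutdown()` is the right order, since a rejected request then performs no session-state change before the `writeInvalidContentType( response )` response is written.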
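Review bot: `contentType.startsWith( HTTP.CONTENT_TYPE_JSON )` in `isContentTypeValid` is a case-sensitive comparison, whereas media types are case-insensitive, so a client sending `Application/JSON` is rejected. Rejecting more than necessary fails closed and does not weaken the CSRF protection, so this is acceptable; if it is intended, say so in a comment, otherwise compare with `contentType.toLowerCase( Locale.ENGLISH )` or `regionMatches( true, ... )`. Using `startsWith` rather than `equals` is correct because real clients append `; charset=...` to the value, but it also accepts any media type that merely begins with the constant; parsing up to the first `;` and comparing the trimmed type would make the intent precise.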
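Review bot: `testHandlesInvalidRequestContentType` exercises only the `text/plain` case set up by `simulateUiRequestWithIllegalContentType`, leaving the `contentType != null` branch of `isContentTypeValid` untested; add a second test that fakes a request with no Content-Type header at all and asserts the same `HttpServletResponse.SC_BAD_REQUEST` status and `"invalid content type"` error. A positive test sending `HTTP.CONTENT_TYPE_JSON` with a `; charset=UTF-8` parameter appended would also pin down that the `startsWith` check accepts the form real clients send. The literal `"invalid content type"` is now duplicated between `writeInvalidContentType` and this test; a shared constant would keep the two from drifting apart.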
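Review bot: adding `request.setContentType( HTTP.CONTENT_TYPE_JSON )` to `Fixture.fakeNewRequest()` silently makes every existing test pass the new guard, which is needed to keep the suite green but also means no existing test would notice if the guard were later removed; `testHandlesInvalidRequestContentType` is therefore the only coverage of the new behaviour. Document in the Javadoc of `fakeNewRequest()` that the faked request now carries a JSON Content-Type, since `simulateUiRequestWithIllegalContentType` relies on overriding it after the call.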
Flags: ivan: review?
Attachments on bug 413668: 233837 | 233840 | 233975