This is an automated email from the ASF dual-hosted git repository. benjobs pushed a commit to branch trace in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git
commit 993efd88facb3b58fbbb0dc0161cbb6edf487391 Author: benjobs <[email protected]> AuthorDate: Fri May 17 22:08:48 2024 +0800 [Improve] disable TRACE method improvement --- .../console/base/config/WebMvcConfig.java | 38 ++++++++++++++++++---- 1 file changed, 31 insertions(+), 7 deletions(-) diff --git a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/config/WebMvcConfig.java b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/config/WebMvcConfig.java index 2188b831c..4fd54ce7d 100644 --- a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/config/WebMvcConfig.java +++ b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/config/WebMvcConfig.java @@ -25,22 +25,41 @@ import com.fasterxml.jackson.databind.ser.std.ToStringSerializer; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; import org.springframework.http.converter.ByteArrayHttpMessageConverter; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.http.converter.ResourceHttpMessageConverter; import org.springframework.http.converter.StringHttpMessageConverter; import org.springframework.http.converter.support.AllEncompassingFormHttpMessageConverter; +import org.springframework.web.filter.OncePerRequestFilter; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import java.io.IOException; import java.util.List; @Configuration -public class WebMvcConfig implements WebMvcConfigurer { +public class WebMvcConfig extends OncePerRequestFilter implements WebMvcConfigurer { @Autowired private UploadFileTypeInterceptor uploadFileTypeInterceptor; + @Override + protected void doFilterInternal( + HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) + throws ServletException, IOException { + if (request.getMethod().equals(HttpMethod.TRACE.name())) { + response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED); + } else { + filterChain.doFilter(request, response); + } + } + @Override public void extendMessageConverters(List<HttpMessageConverter<?>> converters) { converters.add(new ByteArrayHttpMessageConverter()); @@ -54,12 +73,22 @@ public class WebMvcConfig implements WebMvcConfigurer { registry .addMapping("/**") .allowedOriginPatterns("*") - .allowedMethods("POST", "GET", "PUT", "OPTIONS", "DELETE") + .allowedMethods( + HttpMethod.GET.name(), + HttpMethod.POST.name(), + HttpMethod.PUT.name(), + HttpMethod.DELETE.name(), + HttpMethod.OPTIONS.name()) .allowedHeaders("*") .allowCredentials(true) .maxAge(3600); } + @Override + public void addInterceptors(InterceptorRegistry registry) { + registry.addInterceptor(uploadFileTypeInterceptor).addPathPatterns("/flink/app/upload"); + } + @Bean public Module jacksonModule() { SimpleModule module = new SimpleModule(); @@ -67,9 +96,4 @@ public class WebMvcConfig implements WebMvcConfigurer { module.addSerializer(Long.TYPE, ToStringSerializer.instance); return module; } - - @Override - public void addInterceptors(InterceptorRegistry registry) { - registry.addInterceptor(uploadFileTypeInterceptor).addPathPatterns("/flink/app/upload"); - } }
