This is an automated email from the ASF dual-hosted git repository.
benjobs pushed a commit to branch dev-2.1.5
in repository https://gitbox.apache.org/repos/asf/incubator-streampark.git
The following commit(s) were added to refs/heads/dev-2.1.5 by this push:
new 7d0d1e62e [Improve] disable TRACE method improvement (#3718)
7d0d1e62e is described below
commit 7d0d1e62eb9d6d570930995b25238b53d3f78054
Author: benjobs <[email protected]>
AuthorDate: Sat May 18 22:31:04 2024 +0800
[Improve] disable TRACE method improvement (#3718)
Co-authored-by: benjobs <[email protected]>
---
.../console/base/config/WebMvcConfig.java | 38 ++++++++++++++++++----
1 file changed, 31 insertions(+), 7 deletions(-)
diff --git
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/config/WebMvcConfig.java
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/config/WebMvcConfig.java
index 2188b831c..4fd54ce7d 100644
---
a/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/config/WebMvcConfig.java
+++
b/streampark-console/streampark-console-service/src/main/java/org/apache/streampark/console/base/config/WebMvcConfig.java
@@ -25,22 +25,41 @@ import
com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
import org.springframework.http.converter.ByteArrayHttpMessageConverter;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.ResourceHttpMessageConverter;
import org.springframework.http.converter.StringHttpMessageConverter;
import
org.springframework.http.converter.support.AllEncompassingFormHttpMessageConverter;
+import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import java.io.IOException;
import java.util.List;
@Configuration
-public class WebMvcConfig implements WebMvcConfigurer {
+public class WebMvcConfig extends OncePerRequestFilter implements
WebMvcConfigurer {
@Autowired private UploadFileTypeInterceptor uploadFileTypeInterceptor;
+ @Override
+ protected void doFilterInternal(
+ HttpServletRequest request, HttpServletResponse response, FilterChain
filterChain)
+ throws ServletException, IOException {
+ if (request.getMethod().equals(HttpMethod.TRACE.name())) {
+ response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
+ } else {
+ filterChain.doFilter(request, response);
+ }
+ }
+
@Override
public void extendMessageConverters(List<HttpMessageConverter<?>>
converters) {
converters.add(new ByteArrayHttpMessageConverter());
@@ -54,12 +73,22 @@ public class WebMvcConfig implements WebMvcConfigurer {
registry
.addMapping("/**")
.allowedOriginPatterns("*")
- .allowedMethods("POST", "GET", "PUT", "OPTIONS", "DELETE")
+ .allowedMethods(
+ HttpMethod.GET.name(),
+ HttpMethod.POST.name(),
+ HttpMethod.PUT.name(),
+ HttpMethod.DELETE.name(),
+ HttpMethod.OPTIONS.name())
.allowedHeaders("*")
.allowCredentials(true)
.maxAge(3600);
}
+ @Override
+ public void addInterceptors(InterceptorRegistry registry) {
+
registry.addInterceptor(uploadFileTypeInterceptor).addPathPatterns("/flink/app/upload");
+ }
+
@Bean
public Module jacksonModule() {
SimpleModule module = new SimpleModule();
@@ -67,9 +96,4 @@ public class WebMvcConfig implements WebMvcConfigurer {
module.addSerializer(Long.TYPE, ToStringSerializer.instance);
return module;
}
-
- @Override
- public void addInterceptors(InterceptorRegistry registry) {
-
registry.addInterceptor(uploadFileTypeInterceptor).addPathPatterns("/flink/app/upload");
- }
}
