cziegeler commented on a change in pull request #6:
URL:
https://github.com/apache/sling-org-apache-sling-security/pull/6#discussion_r801605247
##########
File path: src/main/java/org/apache/sling/security/impl/ReferrerFilter.java
##########
@@ -430,6 +448,22 @@ private boolean isValidRegexReferrer(HostInfo hostInfo) {
return false;
}
+ /**
+ * Returns <code>true</code> if the path info associated with the given
request is contained in the configured excluded paths.
+ *
+ * @param request The request to check
+ * @return <code>true</code> if the path-info associate with the given
request is contained in the configured excluded paths.
+ */
+ private boolean isExcludedPath(HttpServletRequest request) {
+ String path = request.getPathInfo();
+ for (final String excludedPath : this.excludedPaths) {
+ if (excludedPath.equals(path)) {
Review comment:
I would add a null check for excludedPath here, as a sanity check
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
