Bryan Bende created NIFI-7684:
---------------------------------

             Summary: SanitizationContextPathFilter should be applied to nifi-web-api war
                 Key: NIFI-7684
                 URL: https://issues.apache.org/jira/browse/NIFI-7684
             Project: Apache NiFi
          Issue Type: Improvement
    Affects Versions: 1.11.4
            Reporter: Bryan Bende


If you set up a proxy to nifi-api and do not add the proxy context path to 
nifi.proxy.context.path, some end-points will throw an exception about the 
context path not being whitelisted when producing a URI in the response...
{code:java}
ERROR [NiFi Web Server-3829] o.a.nifi.web.api.config.ThrowableMapper An unexpected error has occurred: javax.ws.rs.core.UriBuilderException: The provided context path [/my-api-proxy] was not whitelisted [/my-ui-proxy]. Returning Internal Server Error response.
  javax.ws.rs.core.UriBuilderException: The provided context path [/my-api-proxy] was not whitelisted [/my-ui-proxy]
        at org.apache.nifi.web.util.WebUtils.verifyContextPath(WebUtils.java:154)
        at org.apache.nifi.web.util.WebUtils.getResourcePath(WebUtils.java:127)
        at org.apache.nifi.web.api.ApplicationResource.buildResourceUri(ApplicationResource.java:166)
        at org.apache.nifi.web.api.ApplicationResource.generateResourceUri(ApplicationResource.java:145)
        at org.apache.nifi.web.api.ProcessGroupResource.populateRemainingProcessGroupEntityContent(ProcessGroupResource.java:235)
        at org.apache.nifi.web.api.ProcessGroupResource.getProcessGroup(ProcessGroupResource.java:305)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
{code}
We should apply the SanitizationContextPathFilter to the nifi-web-api war so 
that the above request is rejected even earlier before it gets to generating 
URIs in the response.



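An added sketch, not NiFi source and not part of the original message, of the early check the issue asks for: the proxy-supplied context path is compared with the configured allowlist before any resource method builds a URI. The class and method names are hypothetical; the `X-ProxyContextPath` header name, the comma-separated form of `nifi.proxy.context.path`, and the 400 status are assumptions.

```java
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

// Added illustration, not NiFi code. All names here are hypothetical.
public class ContextPathCheckDemo {

    // Normalize a path: trim, ensure a leading slash, drop a trailing slash.
    static String normalize(String path) {
        if (path == null) return "";
        String p = path.trim();
        if (p.isEmpty() || p.equals("/")) return "";
        if (!p.startsWith("/")) p = "/" + p;
        return p.endsWith("/") ? p.substring(0, p.length() - 1) : p;
    }

    // Parse an allowlist value (assumed comma-separated, as for nifi.proxy.context.path).
    static List<String> parseAllowlist(String configured) {
        return Arrays.stream(configured.split(","))
                .map(ContextPathCheckDemo::normalize)
                .filter(s -> !s.isEmpty())
                .collect(Collectors.toList());
    }

    // Decision a filter would take before the resource method runs:
    // 0 means continue down the chain, any other value is the HTTP status to return.
    static int preCheck(Map<String, String> headers, List<String> allowlist) {
        // Assumed header name; a real filter would also match header names case-insensitively.
        String supplied = normalize(headers.get("X-ProxyContextPath"));
        if (supplied.isEmpty()) return 0;               // no proxy context path to verify
        return allowlist.contains(supplied) ? 0 : 400;  // reject here, not later as a 500
    }

    public static void main(String[] args) {
        List<String> allowlist = parseAllowlist("/my-ui-proxy");
        // Constructed requests reusing the two paths from the log in the issue.
        System.out.println(preCheck(Map.of("X-ProxyContextPath", "/my-ui-proxy"), allowlist));
        System.out.println(preCheck(Map.of("X-ProxyContextPath", "/my-api-proxy/"), allowlist));
        System.out.println(preCheck(Map.of(), allowlist));
    }
}
```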