method CopyMethod.java MkcolMethod.java MoveMethod.java PutMethod.java

juergen Tue, 23 Apr 2002 22:25:11 -0700

juergen     02/04/23 22:42:12

  Modified:    src/webdav/server/org/apache/slide/webdav/method
                        CopyMethod.java MkcolMethod.java MoveMethod.java
                        PutMethod.java
  Log:
  Check if destination URI is restricted.
  (ralf)
  
  Revision  Changes    Path
  1.25      +11 -4     
jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/CopyMethod.java
  
  Index: CopyMethod.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/CopyMethod.java,v
  retrieving revision 1.24
  retrieving revision 1.25
  diff -u -r1.24 -r1.25
  --- CopyMethod.java   16 Apr 2002 11:19:29 -0000      1.24
  +++ CopyMethod.java   24 Apr 2002 05:42:12 -0000      1.25
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/CopyMethod.java,v
 1.24 2002/04/16 11:19:29 juergen Exp $
  - * $Revision: 1.24 $
  - * $Date: 2002/04/16 11:19:29 $
  + * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/CopyMethod.java,v
 1.25 2002/04/24 05:42:12 juergen Exp $
  + * $Revision: 1.25 $
  + * $Date: 2002/04/24 05:42:12 $
    *
    * ====================================================================
    *
  @@ -148,7 +148,7 @@
        * @exception WebdavException Unrecoverable error occured while copying
        */
       protected void executeRequest()
  -        throws WebdavException {
  +        throws WebdavException, IOException {
           
           // Prevent dirty reads
           slideToken.setForceStoreEnlistment(true);
  @@ -161,6 +161,13 @@
               macroParameters = Macro.RECURSIVE_OVERWRITE_PARAMETERS;
           } else {
               macroParameters = Macro.DEFAULT_PARAMETERS;
  +        }
  +        
  +        // check destination URI
  +        UriHandler destinationUriHandler = UriHandler.getUriHandler(token, 
destinationUri);
  +        if (destinationUriHandler.isRestrictedUri()) {
  +            resp.sendError(WebdavStatus.SC_FORBIDDEN, "Destination URI is 
restricted by server");
  +            return;
           }
           
           try {
  
  
  
  1.21      +12 -5     
jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/MkcolMethod.java
  
  Index: MkcolMethod.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/MkcolMethod.java,v
  retrieving revision 1.20
  retrieving revision 1.21
  diff -u -r1.20 -r1.21
  --- MkcolMethod.java  13 Apr 2002 14:53:39 -0000      1.20
  +++ MkcolMethod.java  24 Apr 2002 05:42:12 -0000      1.21
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/MkcolMethod.java,v
 1.20 2002/04/13 14:53:39 pnever Exp $
  - * $Revision: 1.20 $
  - * $Date: 2002/04/13 14:53:39 $
  + * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/MkcolMethod.java,v
 1.21 2002/04/24 05:42:12 juergen Exp $
  + * $Revision: 1.21 $
  + * $Date: 2002/04/24 05:42:12 $
    *
    * ====================================================================
    *
  @@ -80,6 +80,7 @@
   import org.apache.slide.util.Configuration;
   import org.apache.slide.webdav.util.VersioningHelper;
   import org.apache.slide.webdav.util.DeltavConstants;
  +import org.apache.slide.webdav.util.UriHandler;
   
   
   /**
  @@ -145,11 +146,17 @@
        *
        * @exception WebdavException Bad request
        */
  -    protected void executeRequest()
  -        throws WebdavException {
  +    protected void executeRequest() throws WebdavException, IOException {
           
           // Prevent dirty reads
           slideToken.setForceStoreEnlistment(true);
  +        
  +        // check destination URI
  +        UriHandler destinationUriHandler = UriHandler.getUriHandler(token, colName);
  +        if (destinationUriHandler.isRestrictedUri()) {
  +            resp.sendError(WebdavStatus.SC_FORBIDDEN, "Destination URI is 
restricted by server");
  +            return;
  +        }
           
           
           SubjectNode collection = new SubjectNode();
  
  
  
  1.28      +11 -4     
jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/MoveMethod.java
  
  Index: MoveMethod.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/MoveMethod.java,v
  retrieving revision 1.27
  retrieving revision 1.28
  diff -u -r1.27 -r1.28
  --- MoveMethod.java   15 Apr 2002 12:58:26 -0000      1.27
  +++ MoveMethod.java   24 Apr 2002 05:42:12 -0000      1.28
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/MoveMethod.java,v
 1.27 2002/04/15 12:58:26 juergen Exp $
  - * $Revision: 1.27 $
  - * $Date: 2002/04/15 12:58:26 $
  + * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/MoveMethod.java,v
 1.28 2002/04/24 05:42:12 juergen Exp $
  + * $Revision: 1.28 $
  + * $Date: 2002/04/24 05:42:12 $
    *
    * ====================================================================
    *
  @@ -168,7 +168,7 @@
        * @exception WebdavException Unrecoverable error while moving the files
        */
       protected void executeRequest()
  -        throws WebdavException {
  +        throws WebdavException, IOException {
           
           // Prevent dirty reads
           slideToken.setForceStoreEnlistment(true);
  @@ -180,6 +180,13 @@
               macroParameters = Macro.RECURSIVE_OVERWRITE_PARAMETERS;
           } else {
               macroParameters = Macro.DEFAULT_PARAMETERS;
  +        }
  +        
  +        // check destination URI
  +        UriHandler destinationUriHandler = UriHandler.getUriHandler(token, 
destinationUri);
  +        if (destinationUriHandler.isRestrictedUri()) {
  +            resp.sendError(WebdavStatus.SC_FORBIDDEN, "Destination URI is 
restricted by server");
  +            return;
           }
           
           UriHandler sourceUriHandler = UriHandler.getUriHandler(token, sourceUri);
  
  
  
  1.42      +10 -3     
jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PutMethod.java
  
  Index: PutMethod.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PutMethod.java,v
  retrieving revision 1.41
  retrieving revision 1.42
  diff -u -r1.41 -r1.42
  --- PutMethod.java    13 Apr 2002 14:53:39 -0000      1.41
  +++ PutMethod.java    24 Apr 2002 05:42:12 -0000      1.42
  @@ -1,7 +1,7 @@
   /*
  - * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PutMethod.java,v
 1.41 2002/04/13 14:53:39 pnever Exp $
  - * $Revision: 1.41 $
  - * $Date: 2002/04/13 14:53:39 $
  + * $Header: 
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PutMethod.java,v
 1.42 2002/04/24 05:42:12 juergen Exp $
  + * $Revision: 1.42 $
  + * $Date: 2002/04/24 05:42:12 $
    *
    * ====================================================================
    *
  @@ -166,6 +166,13 @@
           
           // Prevent dirty reads
           slideToken.setForceStoreEnlistment(true);
  +        
  +        // check destination URI
  +        UriHandler destinationUriHandler = UriHandler.getUriHandler(token, 
resourcePath);
  +        if (destinationUriHandler.isRestrictedUri()) {
  +            resp.sendError(WebdavStatus.SC_FORBIDDEN, "Destination URI is 
restricted by server");
  +            return;
  +        }
           
           try {


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

cvs commit: jakarta-slide/src/webdav/server/org/apache/slide/webdav/method CopyMethod.java MkcolMethod.java MoveMethod.java PutMethod.java

Reply via email to