Praveen,

On 9/5/19 05:07, praveen kumar wrote:
> Hello, I am working with an application called geoserver which
> works on Apache Tomcat server. Just for an idea for those who do not
> know, geoserver is an application that serves web map services.
> When I am calling this service I will be providing a few parameters
> about the map like layer name, height, width and so on. Now my
> requirement is to restrict the values passed to these parameters.
> Like for example for WIDTH it should only consider an integer, if a
> request having a string for WIDTH should not reach my application.
> I am looking for some redirect rules but I could not succeed. It
> would be great if someone can help or guide me on this.

LOL this service doesn't actually sanitize its input? Yikes.

The good news is that you can do this in a few ways. You have 3 options that I can see:

1. Use a redirect filter
2. Use a reverse-proxy like Apache with some filtering configured
3. Write it yourself

In order to use a redirect filter, you will have to:

a. Choose a redirect filter (e.g. Tomcat's rewrite[1] or Tuckey's urlrewrite[2])
b. Configure it with a file. The configuration depends upon which filter you choose
c. Bundle that filter+config with the application

In order to use a reverse proxy, you'll need to:

a. Choose a reverse proxy (e.g. Apache httpd, nginx, Squid, etc.)
b. Configure it properly (which depends upon your choice in (a) above)

In order to write it yourself, you will have to:

a. Write a servlet filter in Java
b. Package that filter into the application
c. Install that filter into the filter-chain by modifying the application's WEB-INF/web.xml file

Do you have a preference?

-chris
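
The "write it yourself" option from the reply above, sketched as an added example (not code from the original message or from GeoServer): a servlet filter that rejects any request whose WIDTH or HEIGHT is not a plain positive integer, so it never reaches the application. The class name `MapParamFilter`, the five-digit limit, and checking HEIGHT alongside WIDTH are assumptions; it uses the `javax.servlet` API (Tomcat 10 and later use `jakarta.servlet` instead).

```java
import java.io.IOException;
import java.util.Map;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

// Hypothetical filter (name and limits are assumptions, not GeoServer code).
public class MapParamFilter implements Filter {
    // Allow-list: 1 to 5 digits, no sign, no leading zero (constructed cap of 99999).
    private static final Pattern DIMENSION = Pattern.compile("[1-9][0-9]{0,4}");
    private static final String[] CHECKED = {"WIDTH", "HEIGHT"};

    @Override
    public void init(FilterConfig config) {}

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        // WMS parameter names are case-insensitive, so match names ignoring case.
        for (Map.Entry<String, String[]> e : req.getParameterMap().entrySet()) {
            for (String name : CHECKED) {
                if (!name.equalsIgnoreCase(e.getKey())) continue;
                // Validate every occurrence so a repeated parameter cannot carry a bad value.
                for (String value : e.getValue()) {
                    if (!DIMENSION.matcher(value).matches()) {
                        ((HttpServletResponse) res).sendError(
                            HttpServletResponse.SC_BAD_REQUEST, "Invalid " + name);
                        return; // stop here: the request never reaches the application
                    }
                }
            }
        }
        chain.doFilter(req, res);
    }

    @Override
    public void destroy() {}
}
```

The filter takes effect only once it is declared with `<filter>` and `<filter-mapping>` elements in the application's WEB-INF/web.xml, as step (c) of that option says.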