Example usage for org.springframework.web.util WebUtils FORWARD_PATH_INFO_ATTRIBUTE

List of usage examples for org.springframework.web.util WebUtils FORWARD_PATH_INFO_ATTRIBUTE

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.web.util.*
  5. WebUtils
  6. FORWARD_PATH_INFO_ATTRIBUTE

Introduction

In this page you can find the example usage for org.springframework.web.util WebUtils FORWARD_PATH_INFO_ATTRIBUTE.

Prototype

String FORWARD_PATH_INFO_ATTRIBUTE

To view the source code for org.springframework.web.util WebUtils FORWARD_PATH_INFO_ATTRIBUTE.

Click Source Link

Document

Standard Servlet 2.4+ spec request attribute for forward path info.

Usage

From source file:arena.utils.ServletUtils.java

public static String canonicalizeURI(String uri, String webrootPath, HttpServletRequest request,
        boolean isPublicURI) {

    boolean isInclude = WebUtils.isIncludeRequest(request);
    boolean isForward = (request.getAttribute(WebUtils.FORWARD_PATH_INFO_ATTRIBUTE) != null);

    // Check it's not an illegal URL
    File webroot = new File(webrootPath);
    File configFile = new File(webroot, uri); // build a canonical version if we can
    String canonicalURI = FileUtils.constructOurCanonicalVersion(configFile, webroot);
    if (!FileUtils.isDescendant(webroot, configFile, webroot)) {
        return null; // illegal
    } else if (isPublicURI && !isInclude && !isForward
            && FileUtils.isDescendant(new File(webroot, "WEB-INF"), configFile, webroot)) {
        return null; // don't allow direct access to web-inf
    } else if (isPublicURI && !isInclude && !isForward
            && FileUtils.isDescendant(new File(webroot, "META-INF"), configFile, webroot)) {
        return null; // don't allow direct access to meta-inf
    } else {/*  ww w .java 2  s.  c  o  m*/
        return canonicalURI;
    }
}