weblogic https 대응
This commit is contained in:
@@ -37,11 +37,9 @@ public class CrossScriptingFilter implements Filter {
|
||||
String uri = request.getRequestURL().toString();
|
||||
String servletPath = request.getServletPath();
|
||||
String baseUrl = uri.replace(servletPath, "");
|
||||
boolean isValidUrl = returnUrl.startsWith(baseUrl);
|
||||
System.out.println("checkReturnUrl => "+ uri + " : "+ servletPath);
|
||||
System.out.println("checkReturnUrl => "+ baseUrl + " : "+ returnUrl);
|
||||
System.out.println("checkReturnUrl => "+ returnUrl + " : "+ isValidUrl);
|
||||
return isValidUrl;
|
||||
// 25.11.10 - weblogic https://host:443/ 문제 대응
|
||||
baseUrl = baseUrl.replace(":443", "");
|
||||
return returnUrl.startsWith(baseUrl);
|
||||
}
|
||||
|
||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
|
||||
@@ -52,7 +50,6 @@ public class CrossScriptingFilter implements Filter {
|
||||
String returnUrl = (String)request.getParameter("returnUrl");
|
||||
if(returnUrl != null) {
|
||||
if(!checkReturnUrl(request, returnUrl)) {
|
||||
System.out.println("[CrossScriptingFilter] bad request. - " + returnUrl);
|
||||
response.sendError(HttpServletResponse.SC_BAD_REQUEST, "bad request. - "+returnUrl);
|
||||
return;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user