/**
 * Returns the decoded key-value parameter pairs of the URI.
 *
 * <p>Decoding is lazy: while {@code params} is still {@code null} the query part
 * of {@code uri} is handed to {@code decodeParams}, and {@code params} is returned
 * afterwards. When there is nothing to decode (no characters after the path, or an
 * empty {@code uri}) an immutable empty map is returned and {@code params} is left
 * untouched, so the next call repeats the check.
 *
 * <p>The values are decoded from the URI as given; callers should treat them as
 * untrusted input.
 *
 * @return the parameter map, or an empty map if the URI carries no parameters
 */
public Map<String, List<String>> getParameters() {
    // Already decoded on an earlier call.
    if (params != null) {
        return params;
    }

    final String rawQuery;
    if (hasPath) {
        int queryOffset = getPath().length();
        if (uri.length() == queryOffset) {
            // The URI is nothing but the path.
            return Collections.emptyMap();
        }
        // Skip the single separator character that follows the path.
        rawQuery = uri.substring(queryOffset + 1);
    } else {
        if (uri.length() == 0) {
            return Collections.emptyMap();
        }
        // Without a path the whole URI is the parameter string.
        rawQuery = uri;
    }

    // presumably decodeParams() assigns params; confirm against its definition
    decodeParams(rawQuery);
    return params;
}
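/**
 * Decodes a request URI and reduces it to a path for the static-file lookup,
 * or rejects it.
 *
 * <p>The URI is URL-decoded (UTF-8, falling back to ISO-8859-1), platform file
 * separators are normalised to {@code '/'}, and a URI is rejected when a dot sits
 * directly next to a separator or when it starts or ends with a dot. The query
 * string is then dropped and {@code index.html} is appended to paths ending in
 * {@code '/'}.
 *
 * <p>This is a coarse filter, not a complete defence against path traversal. The
 * caller should still resolve the result against the document root and verify
 * that the canonical file stays inside that root before opening it.
 *
 * @param uri the raw request URI (untrusted input)
 * @return the sanitized path, or {@code null} if the URI was rejected
 * @throws URISyntaxException declared for callers; the visible code does not throw it
 */
protected String sanitizeUri(String uri) throws URISyntaxException {
    // Decode the path.
    try {
        uri = URLDecoder.decode(uri, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        try {
            uri = URLDecoder.decode(uri, "ISO-8859-1");
        } catch (UnsupportedEncodingException e1) {
            // Keep the cause so the failure is diagnosable.
            throw new Error(e1);
        }
    } catch (IllegalArgumentException malformedEscape) {
        // URLDecoder rejects broken percent-escapes; treat them like any other
        // rejected URI instead of letting the exception escape the handler.
        return null;
    }

    // Convert file separators.
    uri = uri.replace(File.separatorChar, '/');

    // Simplistic security check.
    // You will have to do something serious in the production environment.
    // The comparison uses '/' because every platform separator was replaced just
    // above; testing File.separator here would never match where it is '\\'.
    if (hasDotNextToSeparator(uri)) {
        return null;
    }

    QueryStringDecoder decoder = new QueryStringDecoder(uri);
    uri = decoder.getPath();

    // Check the extracted path as well: it is what reaches the file lookup.
    // NOTE(review): if this QueryStringDecoder version decodes the path again,
    // this second check is the one that sees the final form; confirm.
    if (hasDotNextToSeparator(uri)) {
        return null;
    }

    if (uri.endsWith("/")) {
        uri += "index.html";
    }
    return uri;
}

/** Tells whether a '/'-normalised URI has a dot next to a separator or at either end. */
private boolean hasDotNextToSeparator(String candidate) {
    return candidate.contains("/.")
            || candidate.contains("./")
            || candidate.startsWith(".")
            || candidate.endsWith(".");
}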
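// Strip the service's base URL from the request URI before the path is extracted.
// String.replaceFirst() takes a regular expression, so the base URL is quoted to be
// matched literally; unquoted, a '.' or '?' in it would act as a regex operator and
// could match request URIs that do not actually contain the base URL.
// NOTE(review): replaceFirst() removes the first occurrence anywhere in the URI, not
// only a leading one; confirm that is intended for this routing step.
request.setUri(
        request.getUri().replaceFirst(java.util.regex.Pattern.quote(service.getUrl()), ""));

// The path comes from the client's request line; treat it as untrusted input.
QueryStringDecoder qsd = new QueryStringDecoder(request.getUri());
String path = qsd.getPath();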
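/**
 * Answers a request for the iframe page.
 *
 * <p>Paths that do not look like {@code .../iframe<suffix>.html} get a 404 with a
 * plain-text body. Otherwise a request carrying {@code If-None-Match} gets a 304
 * without a content type, and any other request gets the stored {@code content}
 * with long-lived caching headers. The {@code ETag} header is set in both cases.
 *
 * @param request  the incoming HTTP request; its URI is untrusted input
 * @param response the response to fill in
 */
public void handle(HttpRequest request, HttpResponse response) {
    QueryStringDecoder qsd = new QueryStringDecoder(request.getUri());
    String path = qsd.getPath();

    // The dot before "html" is escaped so that only a literal ".html" suffix is
    // accepted; unescaped it matched any character (for example "iframeXhtml").
    if (!path.matches(".*/iframe[0-9-.a-z_]*\\.html")) {
        response.setStatus(HttpResponseStatus.NOT_FOUND);
        response.setContent(ChannelBuffers.copiedBuffer("Not found", CharsetUtil.UTF_8));
        return;
    }

    // Set up front; the full-content branch below removes it again, so only the
    // 304 response keeps the cookie.
    response.setHeader(HttpHeaders.Names.SET_COOKIE, "JSESSIONID=dummy; path=/");

    if (request.containsHeader(HttpHeaders.Names.IF_NONE_MATCH)) {
        // NOTE(review): any If-None-Match value yields 304; the validator is not
        // compared with etag, so a client holding an outdated tag is also told
        // its copy is current.
        response.setStatus(HttpResponseStatus.NOT_MODIFIED);
        response.removeHeader(HttpHeaders.Names.CONTENT_TYPE);
    } else {
        response.setHeader(HttpHeaders.Names.CONTENT_TYPE, "text/html; charset=UTF-8");
        response.setHeader(HttpHeaders.Names.CACHE_CONTROL, "max-age=31536000, public");
        // FIXME: Fix this. "FIXME" is a placeholder, not an HTTP-date.
        response.setHeader(HttpHeaders.Names.EXPIRES, "FIXME");
        response.removeHeader(HttpHeaders.Names.SET_COOKIE);
        response.setContent(content);
    }

    response.setHeader(HttpHeaders.Names.ETAG, etag);
}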