private String getPath(StaplerRequest req) { String path = req.getRestOfPath(); if(path.length()==0) path = "/"; return path; }
public Slave.JnlpJar doJnlpJars(StaplerRequest req) { return new Slave.JnlpJar(req.getRestOfPath().substring(1)); }
/** * Serves static resources placed along with Jelly view files. * <p> * This method can serve a lot of files, so care needs to be taken * to make this method secure. It's not clear to me what's the best * strategy here, though the current implementation is based on * file extensions. */ public void doResources(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException { String path = req.getRestOfPath(); // cut off the "..." portion of /resources/.../path/to/file // as this is only used to make path unique (which in turn // allows us to set a long expiration date path = path.substring(path.indexOf('/',1)+1); int idx = path.lastIndexOf('.'); String extension = path.substring(idx+1); if(ALLOWED_RESOURCE_EXTENSIONS.contains(extension)) { URL url = pluginManager.uberClassLoader.getResource(path); if(url!=null) { long expires = MetaClass.NO_CACHE ? 0 : 365L * 24 * 60 * 60 * 1000; /*1 year*/ rsp.serveFile(req,url,expires); return; } } rsp.sendError(HttpServletResponse.SC_NOT_FOUND); }
/** * This method serves static resources in the plugin under {@code hudson/plugin/SHORTNAME}. */ public void doDynamic(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException { String path = req.getRestOfPath(); String pathUC = path.toUpperCase(Locale.ENGLISH); if (path.isEmpty() || path.contains("..") || path.startsWith(".") || path.contains("%") || pathUC.contains("META-INF") || pathUC.contains("WEB-INF") // ClassicPluginStrategy#explode produce that file to know if a new explosion is required or not || pathUC.equals("/.TIMESTAMP2") ) { LOGGER.warning("rejecting possibly malicious " + req.getRequestURIWithQueryString()); rsp.sendError(HttpServletResponse.SC_BAD_REQUEST); return; } // Stapler routes requests like the "/static/.../foo/bar/zot" to be treated like "/foo/bar/zot" // and this is used to serve long expiration header, by using Jenkins.VERSION_HASH as "..." // to create unique URLs. Recognize that and set a long expiration header. String requestPath = req.getRequestURI().substring(req.getContextPath().length()); boolean staticLink = requestPath.startsWith("/static/"); long expires = staticLink ? TimeUnit.DAYS.toMillis(365) : -1; // use serveLocalizedFile to support automatic locale selection rsp.serveLocalizedFile(req, new URL(wrapper.baseResourceURL, '.' + path), expires); }
public WebHookAction resolve(final String projectName, StaplerRequest request) { Iterator<String> restOfPathParts = Splitter.on('/').omitEmptyStrings().split(request.getRestOfPath()).iterator(); Item project = resolveProject(projectName, restOfPathParts); if (project == null) { throw HttpResponses.notFound(); } return resolveAction(project, Joiner.on('/').join(restOfPathParts), request); }
public Object getTarget() { try { checkPermission(READ); } catch (AccessDeniedException e) { if (!isSubjectToMandatoryReadPermissionCheck(Stapler.getCurrentRequest().getRestOfPath())) { return this; } throw e; } return this; }
/** * Exposes assets in the core classloader over HTTP. */ public void doDynamic(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException { String path = req.getRestOfPath(); URL resource = findResource(path); if (resource == null) { rsp.setStatus(HttpServletResponse.SC_NOT_FOUND); return; } // Stapler routes requests like the "/static/.../foo/bar/zot" to be treated like "/foo/bar/zot" // and this is used to serve long expiration header, by using Jenkins.VERSION_HASH as "..." // to create unique URLs. Recognize that and set a long expiration header. String requestPath = req.getRequestURI().substring(req.getContextPath().length()); boolean staticLink = requestPath.startsWith("/static/"); long expires = staticLink ? TimeUnit.DAYS.toMillis(365) : -1; // use serveLocalizedFile to support automatic locale selection rsp.serveLocalizedFile(req, resource, expires); }
if (("/" + originalFileName).equals(request.getRestOfPath())) { AbstractBuild build = (AbstractBuild)request.findAncestor(AbstractBuild.class).getObject(); File fileParameter = getLocationUnderBuild(build);
public void doCommand(StaplerRequest req, StaplerResponse rsp) throws ServletException, IOException { final Jenkins jenkins = Jenkins.getActiveInstance(); jenkins.checkPermission(Jenkins.READ); // Strip trailing slash final String commandName = req.getRestOfPath().substring(1); CLICommand command = CLICommand.clone(commandName); if (command == null) { rsp.sendError(HttpServletResponse.SC_NOT_FOUND, "No such command"); return; } req.setAttribute("command", command); req.getView(this, "command.jelly").forward(req, rsp); }
@Override public Object getTarget() { StaplerRequest req = Stapler.getCurrentRequest(); if (req.getRestOfPath().length()==0 && "POST".equals(req.getMethod())) { // CLI connection request if ("false".equals(req.getParameter("remoting"))) { throw new PlainCliEndpointResponse(); } else if (jenkins.CLI.get().isEnabled()) { throw new RemotingCliEndpointResponse(); } else { throw HttpResponses.forbidden(); } } else { return this; } }
String path = req.getRestOfPath(); if(path.contains("..")) throw new ServletException("Illegal path: "+path);
private String getPath(StaplerRequest req) { String path = req.getRestOfPath(); if(path.length()==0) path = "/"; return path; }
private String getPath(StaplerRequest req) { String path = req.getRestOfPath(); if(path.length()==0) path = "/"; return path; }
private String getPath(StaplerRequest req) { String path = req.getRestOfPath(); if (path.length() == 0) { path = "/"; } return path; }
public void doRepoAction(final StaplerRequest req, final StaplerResponse rsp) throws InvocationTargetException, IllegalAccessException { final String[] tokens = StringUtils.split(req.getRestOfPath(), "/"); final GithubRepoAction repoAction = getRepoAction(tokens[0]); if (repoAction != null) { final String methodToken = tokens.length > 1 ? tokens[1] : "index"; final String methodName = "do" + StringUtils.capitalize(methodToken); final Method method = ReflectionUtils.getPublicMethodNamed(repoAction.getClass(), methodName); method.invoke(repoAction, req, rsp); } }
private boolean useNewUi(final String token, final StaplerRequest req) { return isNewUi() && (StringUtils.startsWith(token, "dotCI") || //job pages (NumberUtils.isNumber(token) && (StringUtils.isEmpty(req.getRestOfPath()) || StringUtils.contains(req.getRestOfPath(), "dotCI")))); // buildpages }
public void doBranchBuilds(final StaplerRequest req, final StaplerResponse rsp) throws IOException, ServletException, InterruptedException { final String tab = req.getRestOfPath().replace("/", ""); handleBranchTabs(tab, req); rsp.forwardToPreviousPage(req); }
/** * Binds {@link SourceFile}s into URL. */ public void doSourceFile(StaplerRequest req, StaplerResponse rsp) throws IOException { String name = req.getRestOfPath().substring(1); // Remove leading / for (SourceFile sf : getSourceFiles()) if (sf.name.equals(name)) { sf.doIndex(rsp); return; } rsp.sendError(rsp.SC_NOT_FOUND); }
public Object getTarget() { // Proxy to handle redirect when a default subview is configured return (getDefaultView() != null && "".equals(Stapler.getCurrentRequest().getRestOfPath())) ? new DefaultViewProxy() : this; }
public Object getTarget() { try { checkPermission(READ); } catch (AccessDeniedException e) { if (!isSubjectToMandatoryReadPermissionCheck(Stapler.getCurrentRequest().getRestOfPath())) { return this; } throw e; } return this; }