Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a new annotation and an interceptor to control and check content … #36

Merged
merged 9 commits into from
Sep 23, 2024
Merged

Add a new annotation and an interceptor to control and check content … #36

merged 9 commits into from
Sep 23, 2024

Conversation

benoitvasseur
Copy link

…size of bodies and files

Will need an update after jersey migration to jakarta

@amanteaux amanteaux added this to the 5.0.0 milestone Sep 17, 2024
amanteaux
amanteaux requested changes Sep 17, 2024
View reviewed changes
Copy link
Member

@amanteaux amanteaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Il faudrait aussi ajouter une documentation dans le fichier README.md du module pour expliquer comment l'utiliser

plume-web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentSizeLimit.java Outdated Show resolved Hide resolved
...web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentControlFeature.java Show resolved Hide resolved
...web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentControlFeature.java Outdated Show resolved Hide resolved
...web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentControlFeature.java Outdated Show resolved Hide resolved
...web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentControlFeature.java Outdated Show resolved Hide resolved
...web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentControlFeature.java Outdated Show resolved Hide resolved
...web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentControlFeature.java Outdated Show resolved Hide resolved
...web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentControlFeature.java Outdated Show resolved Hide resolved
...web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentControlFeature.java Outdated Show resolved Hide resolved
plume-web-jersey/src/test/java/com/coreoz/plume/jersey/control/ContentSizeLimitTest.java Outdated Show resolved Hide resolved
@amanteaux amanteaux assigned benoitvasseur and unassigned amanteaux Sep 17, 2024
@benoitvasseur benoitvasseur force-pushed the content-size branch 2 times, most recently from c7b35bb to e654911 Compare September 19, 2024 16:53
@benoitvasseur benoitvasseur marked this pull request as ready for review September 19, 2024 17:05
amanteaux
amanteaux reviewed Sep 23, 2024
View reviewed changes
...web-jersey/src/main/java/com/coreoz/plume/jersey/security/control/ContentControlFeature.java Outdated
Comment on lines 61 to 66
Integer headerContentLength;
try {
headerContentLength = Integer.parseInt(context.getHeaders().getFirst(HttpHeaders.CONTENT_LENGTH));
} catch (NumberFormatException e) {
headerContentLength = maxSize; // default value for GET or chunked body
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

C'est un peu cracra, tu vas lever des exceptions à chaque requête GET.
Ce serait mieux de faire le parsing seulement si le header est non nul.

Par exemple :

Suggested change
Integer headerContentLength;
try {
headerContentLength = Integer.parseInt(context.getHeaders().getFirst(HttpHeaders.CONTENT_LENGTH));
} catch (NumberFormatException e) {
headerContentLength = maxSize; // default value for GET or chunked body
}
int headerContentLength = maxSize; // default value for GET or chunked body
String contentLengthHeader = context.getHeaders().getFirst(HttpHeaders.CONTENT_LENGTH);
if (contentLengthHeader) {
try {
headerContentLength = Integer.parseInt(contentLengthHeader);
} catch (NumberFormatException e) {
logger.warn("Wrong content length header received: {}", contentLengthHeader);
}
}

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
81.4% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@amanteaux amanteaux merged commit 30a52fe into master Sep 23, 2024
2 checks passed
@amanteaux amanteaux deleted the content-size branch November 7, 2024 17:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amanteaux amanteaux amanteaux requested changes

Assignees

@benoitvasseur benoitvasseur

Labels
breaking-change enhancement
Projects
None yet
Milestone
5.0.0
Development

Successfully merging this pull request may close these issues.
3 participants
@benoitvasseur @amanteaux @bvasseur-urw