From df796902ab4a75777c813894f5244fd4f8064d8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sami=20M=C3=A4kinen?= Date: Wed, 13 Nov 2024 18:23:49 +0200 Subject: [PATCH] Initial: Remove restricted params from urls --- .../java/org/oskari/util/LayerUrlHelper.java | 27 +++++++++++++++++++ .../org/oskari/util/LayerUrlHelperTest.java | 15 +++++++++++ .../capabilities/ServiceConnectInfo.java | 4 ++- .../org/oskari/maplayer/model/MapLayer.java | 3 ++- 4 files changed, 47 insertions(+), 2 deletions(-) create mode 100644 service-base/src/main/java/org/oskari/util/LayerUrlHelper.java create mode 100644 service-base/src/test/java/org/oskari/util/LayerUrlHelperTest.java diff --git a/service-base/src/main/java/org/oskari/util/LayerUrlHelper.java b/service-base/src/main/java/org/oskari/util/LayerUrlHelper.java new file mode 100644 index 0000000000..3c8ddb8fda --- /dev/null +++ b/service-base/src/main/java/org/oskari/util/LayerUrlHelper.java @@ -0,0 +1,27 @@ +package org.oskari.util; + +import fi.nls.oskari.util.ConversionHelper; +import fi.nls.oskari.util.IOHelper; + +import java.util.List; +import java.util.Map; +import java.util.Set; + +public class LayerUrlHelper { + + private static final Set RESTRICTED_PARAMS = ConversionHelper.asSet("request", "service", "version"); + + public static String getSanitizedUrl(String pUrl) { + String baseUrl = IOHelper.removeQueryString(pUrl); + Map> params = IOHelper.parseQuerystring(pUrl); + String url = baseUrl; + + for (String key : params.keySet()) { + if (!RESTRICTED_PARAMS.contains(key.toLowerCase())) { + // not the most efficient way, but just regenerating the url without restricted params + url = IOHelper.addUrlParam(url, key, params.get(key).stream().toArray(String[]::new)); + } + } + return url; + } +} diff --git a/service-base/src/test/java/org/oskari/util/LayerUrlHelperTest.java b/service-base/src/test/java/org/oskari/util/LayerUrlHelperTest.java new file mode 100644 index 0000000000..0148fa13af --- /dev/null +++ b/service-base/src/test/java/org/oskari/util/LayerUrlHelperTest.java @@ -0,0 +1,15 @@ +package org.oskari.util; + +import org.junit.Test; + +import static org.junit.Assert.*; + +public class LayerUrlHelperTest { + + @Test + public void getSanitizedUrl() { + assertEquals("https://jee.org/?apikey=woot&proxy=not", LayerUrlHelper.getSanitizedUrl("https://jee.org/?apikey=woot&request=GetWheel&proxy=not")); + // doesn't work: + // assertEquals("resources://jee.org/?apikey=woot&proxy=not", LayerUrlHelper.getSanitizedUrl("resources://jee.org/?apikey=woot&request=GetWheel&proxy=not")); + } +} \ No newline at end of file diff --git a/service-capabilities/src/main/java/org/oskari/capabilities/ServiceConnectInfo.java b/service-capabilities/src/main/java/org/oskari/capabilities/ServiceConnectInfo.java index 44fc5c4c04..6d3eec7a6a 100644 --- a/service-capabilities/src/main/java/org/oskari/capabilities/ServiceConnectInfo.java +++ b/service-capabilities/src/main/java/org/oskari/capabilities/ServiceConnectInfo.java @@ -1,6 +1,7 @@ package org.oskari.capabilities; import fi.nls.oskari.domain.map.OskariLayer; +import org.oskari.util.LayerUrlHelper; import java.util.Objects; @@ -13,11 +14,12 @@ public class ServiceConnectInfo { private String pass; public ServiceConnectInfo(String url, String type, String version) { - this.url = url; + this.url = LayerUrlHelper.getSanitizedUrl(url); this.type = type; this.version = version; } + public void setCredentials(String user, String pass) { this.user = user; this.pass = pass; diff --git a/service-map/src/main/java/org/oskari/maplayer/model/MapLayer.java b/service-map/src/main/java/org/oskari/maplayer/model/MapLayer.java index d71ad4a750..e2b6d31f62 100644 --- a/service-map/src/main/java/org/oskari/maplayer/model/MapLayer.java +++ b/service-map/src/main/java/org/oskari/maplayer/model/MapLayer.java @@ -1,6 +1,7 @@ package org.oskari.maplayer.model; import fi.nls.oskari.domain.map.style.VectorStyle; +import org.oskari.util.LayerUrlHelper; import java.util.*; @@ -83,7 +84,7 @@ public String getUrl() { } public void setUrl(String url) { - this.url = url; + this.url = LayerUrlHelper.getSanitizedUrl(url); } public String getUsername() {