From 211059b332dd2770ad3a9f2390229b322b42c6c7 Mon Sep 17 00:00:00 2001
From: xyllq999 <734432375@qq.com>
Date: Mon, 4 Nov 2024 19:17:59 +0800
Subject: [PATCH 1/2] =?UTF-8?q?=E9=81=BF=E5=85=8DFE=E6=97=A5=E5=BF=97?= =?UTF-8?q?=E6=89=93=E5=8D=B0URL=E6=89=93=E5=8D=B0=E6=98=8E=E6=96=87token?= =?UTF-8?q?=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: xuyan103@huawei.com
Signed-off-by: xyllq999 <734432375@qq.com>
---
 .../main/java/com/starrocks/common/util/Util.java | 7 +++++--
 .../com/starrocks/http/rest/RestBaseAction.java | 14 ++++++--------
 2 files changed, 11 insertions(+), 10 deletions(-)
diff --git a/fe/fe-core/src/main/java/com/starrocks/common/util/Util.java b/fe/fe-core/src/main/java/com/starrocks/common/util/Util.java
index e04ca2c225812..655b568a86b11 100644
--- a/fe/fe-core/src/main/java/com/starrocks/common/util/Util.java
+++ b/fe/fe-core/src/main/java/com/starrocks/common/util/Util.java
@@ -41,6 +41,7 @@
 import com.starrocks.catalog.Type;
 import com.starrocks.common.AnalysisException;
 import com.starrocks.common.TimeoutException;
+import com.starrocks.http.WebUtils;
 import com.starrocks.qe.ConnectContext;
 import com.starrocks.server.GlobalStateMgr;
 import com.starrocks.sql.analyzer.SemanticException;
@@ -321,8 +322,10 @@ public static String getResultForUrl(String urlStr, String encodedAuthInfo, int
 int readTimeoutMs) {
 StringBuilder sb = new StringBuilder();
 InputStream stream = null;
+ String safeUrl = urlStr;
 try {
 URL url = new URL(urlStr);
+ safeUrl = WebUtils.sanitizeHttpReqUri(urlStr);
 URLConnection conn = url.openConnection();
 if (encodedAuthInfo != null) {
 conn.setRequestProperty("Authorization", "Basic " + encodedAuthInfo);
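Review bot: In getResultForUrl, `safeUrl` starts out as the raw `urlStr` and is only replaced after `new URL(urlStr)` has succeeded, so a malformed URL reaches the `catch` with the unredacted value and the token is still logged. The same happens if `WebUtils.sanitizeHttpReqUri` itself throws, which cannot be ruled out from this hunk. Start from a fixed placeholder and sanitize before parsing: `String safeUrl = "<unparsed url>";`, with `safeUrl = WebUtils.sanitizeHttpReqUri(urlStr);` moved above `URL url = new URL(urlStr);`. The `handleRequest` hunk in RestBaseAction.java uses the same raw-value fallback for `url` and would benefit from the same placeholder. The body of getResultForUrl continues outside this hunk.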
@@ -338,14 +341,14 @@ public static String getResultForUrl(String urlStr, String encodedAuthInfo, int
 sb.append(line);
 }
 } catch (Exception e) {
- LOG.warn("failed to get result from url: {}. {}", urlStr, e.getMessage());
+ LOG.warn("failed to get result from url: {}. {}", safeUrl, e.getMessage());
 return null;
 } finally {
 if (stream != null) {
 try {
 stream.close();
 } catch (IOException e) {
- LOG.warn("failed to close stream when get result from url: {}", urlStr, e);
+ LOG.warn("failed to close stream when get result from url: {}", safeUrl, e);
 }
 }
 }
diff --git a/fe/fe-core/src/main/java/com/starrocks/http/rest/RestBaseAction.java b/fe/fe-core/src/main/java/com/starrocks/http/rest/RestBaseAction.java
index 4ce5d3d12717d..7fed96b76c3fb 100644
--- a/fe/fe-core/src/main/java/com/starrocks/http/rest/RestBaseAction.java
+++ b/fe/fe-core/src/main/java/com/starrocks/http/rest/RestBaseAction.java
@@ -42,11 +42,7 @@
 import com.starrocks.common.Pair;
 import com.starrocks.common.StarRocksHttpException;
 import com.starrocks.common.util.UUIDUtil;
-import com.starrocks.http.ActionController;
-import com.starrocks.http.BaseAction;
-import com.starrocks.http.BaseRequest;
-import com.starrocks.http.BaseResponse;
-import com.starrocks.http.HttpConnectContext;
+import com.starrocks.http.*;
 import com.starrocks.privilege.AccessDeniedException;
 import com.starrocks.privilege.AuthorizationMgr;
 import com.starrocks.qe.ConnectContext;
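Review bot: In the `catch (Exception e)` block of getResultForUrl (Util.java), `e.getMessage()` is still written next to `safeUrl`, and JDK networking exceptions commonly embed the request URL in their message. `MalformedURLException` echoes the spec it was given, and `HttpURLConnection` failures read "Server returned HTTP response code: ... for URL: ...", so a query-string token can still reach the log through the second placeholder. Consider logging only the exception type, e.g. `LOG.warn("failed to get result from url: {}. {}", safeUrl, e.getClass().getName());`, or redacting the message before it is logged. The close-failure warning passes `e` itself as the throwable and deserves the same check. The read loop that raises these exceptions lies outside this hunk.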
@@ -92,18 +88,20 @@ public RestBaseAction(ActionController controller) {
 @Override
 public void handleRequest(BaseRequest request) {
 BaseResponse response = new BaseResponse();
+ String url = request.getRequest().uri();
 try {
+ url = WebUtils.sanitizeHttpReqUri(request.getRequest().uri());
 execute(request, response);
 } catch (AccessDeniedException accessDeniedException) {
- LOG.warn("failed to process url: {}", request.getRequest().uri(), accessDeniedException);
+ LOG.warn("failed to process url: {}", url, accessDeniedException);
 response.updateHeader(HttpHeaderNames.WWW_AUTHENTICATE.toString(), "Basic realm=\"\"");
 response.appendContent(new RestBaseResult(getErrorRespWhenUnauthorized(accessDeniedException)).toJson());
 writeResponse(request, response, HttpResponseStatus.UNAUTHORIZED);
 } catch (DdlException e) {
- LOG.warn("fail to process url: {}", request.getRequest().uri(), e);
+ LOG.warn("fail to process url: {}", url, e);
 sendResult(request, response, new RestBaseResult(e.getMessage()));
 } catch (Exception e) {
- LOG.warn("fail to process url: {}", request.getRequest().uri(), e);
+ LOG.warn("fail to process url: {}", url, e);
 String msg = e.getMessage();
 if (msg == null) {
 msg = e.toString();
From 091f3bc2a916a68932031964a11e1d6fa532b59c Mon Sep 17 00:00:00 2001
From: xyllq999 <734432375@qq.com>
Date: Mon, 4 Nov 2024 19:23:43 +0800
Subject: [PATCH 2/2] =?UTF-8?q?=E9=81=BF=E5=85=8DFE=E6=97=A5=E5=BF=97?= =?UTF-8?q?=E6=89=93=E5=8D=B0URL=E6=89=93=E5=8D=B0=E6=98=8E=E6=96=87token?= =?UTF-8?q?=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: xuyan103@huawei.com
Signed-off-by: xyllq999 <734432375@qq.com>
---
 .../main/java/com/starrocks/http/rest/RestBaseAction.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/fe/fe-core/src/main/java/com/starrocks/http/rest/RestBaseAction.java b/fe/fe-core/src/main/java/com/starrocks/http/rest/RestBaseAction.java
index 7fed96b76c3fb..20d2e43ced59b 100644
--- a/fe/fe-core/src/main/java/com/starrocks/http/rest/RestBaseAction.java
+++ b/fe/fe-core/src/main/java/com/starrocks/http/rest/RestBaseAction.java
@@ -42,7 +42,12 @@
 import com.starrocks.common.Pair;
 import com.starrocks.common.StarRocksHttpException;
 import com.starrocks.common.util.UUIDUtil;
-import com.starrocks.http.*;
+import com.starrocks.http.ActionController;
+import com.starrocks.http.BaseAction;
+import com.starrocks.http.BaseRequest;
+import com.starrocks.http.BaseResponse;
+import com.starrocks.http.HttpConnectContext;
+import com.starrocks.http.WebUtils;
 import com.starrocks.privilege.AccessDeniedException;
 import com.starrocks.privilege.AuthorizationMgr;
 import com.starrocks.qe.ConnectContext;