public SecurePackageResourceGuard(ConcurrentMap<String, Boolean> cache) { this.cache = cache; // the order is important for better performance // first add the most commonly used addPattern("+*.js"); addPattern("+*.css"); addPattern("+*.png"); addPattern("+*.jpg"); addPattern("+*.jpeg"); addPattern("+*.gif"); addPattern("+*.ico"); // WICKET-208 non page templates may be served addPattern("+*.html"); addPattern("+*.txt"); addPattern("+*.swf"); addPattern("+*.bmp"); }
/** * Sets pattern. * * @param pattern * pattern */ public void setPattern(List<SearchPattern> pattern) { this.pattern = pattern; clearCache(); }
@Override public boolean accept(final Class<?> scope, final String absolutePath) { // use double checked locking pattern to reduce overhead if (!initialized) { synchronized (this) { if (!initialized) { onInit(); initialized = true; } } } if (isUserLoggedIn() || isWhitelisted(scope)) { return super.accept(scope, absolutePath); } log.error("Public access denied to non-whitelisted (static) package resource: {}", absolutePath); return false; }
addPattern("+*.js"); addPattern("+*.css"); addPattern("+*.png"); addPattern("+*.jpg"); addPattern("+*.jpeg"); addPattern("+*.gif"); addPattern("+*.ico"); addPattern("+*.cur"); addPattern("+*.map"); addPattern("+*.html"); addPattern("+*.txt"); addPattern("+*.swf"); addPattern("+*.bmp"); addPattern("+*.svg"); addPattern("+*.eot"); addPattern("+*.ttf"); addPattern("+*.woff"); addPattern("+*.woff2");
/** * Gets the current list of pattern. Please invoke clearCache() or setPattern(List) when * finished in order to clear the cache of previous checks. * * @return pattern */ public List<SearchPattern> getPattern() { clearCache(); return pattern; }
addPattern("+*.js"); addPattern("+*.css"); addPattern("+*.png"); addPattern("+*.jpg"); addPattern("+*.jpeg"); addPattern("+*.gif"); addPattern("+*.ico"); addPattern("+*.cur"); addPattern("+*.map"); addPattern("+*.html"); addPattern("+*.txt"); addPattern("+*.swf"); addPattern("+*.bmp"); addPattern("+*.svg"); addPattern("+*.eot"); addPattern("+*.ttf"); addPattern("+*.woff"); addPattern("+*.woff2");
/** * Sets pattern. * * @param pattern * pattern */ public void setPattern(List<SearchPattern> pattern) { this.pattern = pattern; clearCache(); }
/** * updates the security manager to allow fonts and less files if necessary. * * @param app The current application */ private static void updateSecurityManager(final Application app) { final IPackageResourceGuard packageResourceGuard = app.getResourceSettings().getPackageResourceGuard(); if (packageResourceGuard instanceof SecurePackageResourceGuard) { SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard; guard.addPattern("+*.woff"); guard.addPattern("+*.woff2"); guard.addPattern("+*.eot"); guard.addPattern("+*.svg"); guard.addPattern("+*.ttf"); guard.addPattern("+*.css.map"); } }
/** * Gets the current list of pattern. Please invoke clearCache() or setPattern(List) when * finished in order to clear the cache of previous checks. * * @return pattern */ public List<SearchPattern> getPattern() { clearCache(); return pattern; }
/** * updates the security manager to allow fonts and less files if necessary. * * @param app The current application * @param settings The settings to use */ private static void updateSecurityManager(final Application app, final IBootstrapSettings settings) { final IPackageResourceGuard packageResourceGuard = app.getResourceSettings().getPackageResourceGuard(); if (packageResourceGuard instanceof SecurePackageResourceGuard) { SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard; guard.addPattern("+*.woff"); guard.addPattern("+*.eot"); guard.addPattern("+*.svg"); guard.addPattern("+*.ttf"); if (settings.getBootstrapLessCompilerSettings().useLessCompiler()) { guard.addPattern("+*.less"); } } }
/** * Sets pattern. * * @param pattern * pattern */ public void setPattern(List<SearchPattern> pattern) { this.pattern = pattern; clearCache(); }
/** * Adds the given file patterns to package resource guard from the given application. * * @param application * the application * @param patterns * the patterns */ public static void addFilePatternsToPackageResourceGuard(final Application application, final String... patterns) { final IPackageResourceGuard packageResourceGuard = application.getResourceSettings() .getPackageResourceGuard(); if (packageResourceGuard instanceof SecurePackageResourceGuard) { final SecurePackageResourceGuard guard = (SecurePackageResourceGuard)packageResourceGuard; for (final String pattern : patterns) { guard.addPattern(pattern); } } }
/** * Gets the current list of pattern. Please invoke clearCache() or setPattern(List) when * finished in order to clear the cache of previous checks. * * @return pattern */ public List<SearchPattern> getPattern() { clearCache(); return pattern; }
public void init(Application application) { application.getRootRequestMapperAsCompound().add(new TinyMceRequestMapper()); // Resource Package Guard security settings to fix .htm file problem IPackageResourceGuard packageResourceGuard = application.getResourceSettings().getPackageResourceGuard(); if (packageResourceGuard instanceof SecurePackageResourceGuard) { SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard; guard.addPattern("+wicket/contrib/tinymce/tiny_mce/**/*.htm"); } }
/** * @param pattern */ public void addPattern(String pattern) { this.pattern.add(new SearchPattern(pattern)); clearCache(); }
public void init(Application application) { application.getRootRequestMapperAsCompound().add(new TinyMceRequestMapper()); // Resource Package Guard security settings to fix .htm file problem IPackageResourceGuard packageResourceGuard = application.getResourceSettings().getPackageResourceGuard(); if (packageResourceGuard instanceof SecurePackageResourceGuard) { SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard; guard.addPattern("+wicket/contrib/tinymce/tiny_mce/**/*.htm"); } }
/** * @param pattern */ public void addPattern(String pattern) { this.pattern.add(new SearchPattern(pattern)); clearCache(); }
@Override public void init(WebApplication webApplication) { IPackageResourceGuard packageResourceGuard = webApplication.getResourceSettings().getPackageResourceGuard(); if (packageResourceGuard instanceof SecurePackageResourceGuard) { SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard; for(String pattern : props.getPattern()){ guard.addPattern(pattern); } } wicketEndpointRepository.add(new WicketAutoConfig.Builder(this.getClass()) .withDetail("properties", props) .build()); }
/** * @param pattern */ public void addPattern(String pattern) { this.pattern.add(new SearchPattern(pattern)); clearCache(); }
@Override public void init(WebApplication webApplication) { IPackageResourceGuard packageResourceGuard = webApplication.getResourceSettings().getPackageResourceGuard(); if (packageResourceGuard instanceof SecurePackageResourceGuard) { SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard; for(String pattern : props.getPattern()){ guard.addPattern(pattern); } } wicketEndpointRepository.add(new WicketAutoConfig.Builder(this.getClass()) .withDetail("properties", props) .build()); }